Forwarding request to another DNS server but the same domain
Kevin Darcy
kcd at chrysler.com
Wed Apr 30 20:54:37 UTC 2014
Oh, I thought this was an external-versus-internal scenario. But, this
is even easier.
A) One of the nameservers (pick DNS1 or DNS2) becomes a slave (of the
"stealth" variety, if you want) of the other
B) People use nsupdate to maintain the zone
For security, TSIG-sign the updates. For fast change propagation, set up
NOTIFY if and as necessary.
- Kevin
On 4/30/2014 4:32 PM, Jeronimo L. Cabral wrote:
> Dear John, this is my scenario:
>
> 1) Office 1: people work with some machines and fill up a local master
> zone "company.com <http://company.com>" with records in DNS1
> 2) Office 2: people works with some others machines and fill up a
> local master zone "company.com <http://company.com>" with another
> records in DNS2
>
> So both office have a different master zone.
>
> Both offices belong to the same company, so I need that any client PC
> can resolve a hostname from "company.com <http://company.com>"
> domain, independently if this record is in DNS1 or DNS2.
>
> Thanks again, regards.
>
> JeLo
>
>
>
> On Wed, Apr 30, 2014 at 5:21 PM, John Miller <johnmill at brandeis.edu
> <mailto:johnmill at brandeis.edu>> wrote:
>
> Hi Jeronimo,
>
> First of all, please just tell us the real domain. Yes, we could
> try and talk about a fictitious "example.com <http://example.com>"
> or "company.com <http://company.com>," but having the real domain
> name lets us actually query your nameservers.
>
> Let me be sure I understand: you have two DNS servers. Each of
> them is authoritative for the same domain. Are both set as master?
>
> The two servers have different copies of the zone--what's your
> reason for that?
>
> If both servers think they are authoritative for a zone, then they
> will answer recursive queries for those zones themselves. From
> the manual:
>
> "Forwarding occurs only on those queries for which the server is
> not authoritative and does not have the answer in its cache."
>
> What exactly are you trying to achieve?
>
> John
>
>
>
> On Wed, Apr 30, 2014 at 3:55 PM, Jeronimo L. Cabral
> <jelocabral at gmail.com <mailto:jelocabral at gmail.com>> wrote:
>
> Dear, I would like to ask for solution related with DNS (bind)
> configuration to allow forward requests to another DNS but
> related with the same domain.
>
> I'm asking about two authoritative name servers serving the
> same domain but with different zone file info on each and have
> one of them forward recursive queries to another one if first
> one cannot find some particular subdomain record that is
> missing in his version of zone file.
>
> My named.conf.local is as follow, but it doesn't work:
>
> zone "company.com <http://company.com>" {
> type master;
> file "/etc/bind/zones/company.com.db";
> allow-transfer { key "company"; };
> check-names ignore;
> forward first;
> forwarders { 172.16.1.1; };
> };
>
> Thanks a lot,
>
> JeLo
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users
> to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org <mailto:bind-users at lists.isc.org>
> https://lists.isc.org/mailman/listinfo/bind-users
>
>
>
>
> --
> John Miller
> Systems Engineer
> Brandeis University
> johnmill at brandeis.edu <mailto:johnmill at brandeis.edu>
> (781) 736-4619
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org <mailto:bind-users at lists.isc.org>
> https://lists.isc.org/mailman/listinfo/bind-users
>
>
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20140430/3329eac5/attachment-0001.html>
More information about the bind-users
mailing list