Forwarding request to another DNS server but the same domain

Kevin Darcy kcd at chrysler.com
Wed Apr 30 20:54:37 UTC 2014 

Oh, I thought this was an external-versus-internal scenario. But, this 
is even easier.

A) One of the nameservers (pick DNS1 or DNS2) becomes a slave (of the 
"stealth" variety, if you want) of the other
B) People use nsupdate to maintain the zone

For security, TSIG-sign the updates. For fast change propagation, set up 
NOTIFY if and as necessary.

                                                                 - Kevin

On 4/30/2014 4:32 PM, Jeronimo L. Cabral wrote:
> Dear John, this is my scenario:
>
> 1) Office 1: people work with some machines and fill up a local master 
> zone "company.com <http://company.com>" with records in DNS1
> 2) Office 2: people works with some others machines and fill up a 
> local master zone "company.com <http://company.com>" with another 
> records in DNS2
>
> So both office have a different master zone.
>
> Both offices belong to the same company, so I need that any client PC 
> can resolve a hostname from "company.com <http://company.com>" 
> domain, independently if this record is in DNS1 or DNS2.
>
> Thanks again, regards.
>
> JeLo
>
>
>
> On Wed, Apr 30, 2014 at 5:21 PM, John Miller <johnmill at brandeis.edu 
> <mailto:johnmill at brandeis.edu>> wrote:
>
>     Hi Jeronimo,
>
>     First of all, please just tell us the real domain. Yes, we could
>     try and talk about a fictitious "example.com <http://example.com>"
>     or "company.com <http://company.com>," but having the real domain
>     name lets us actually query your nameservers.
>
>     Let me be sure I understand: you have two DNS servers.  Each of
>     them is authoritative for the same domain.  Are both set as master?
>
>     The two servers have different copies of the zone--what's your
>     reason for that?
>
>     If both servers think they are authoritative for a zone, then they
>     will answer recursive queries for those zones themselves.  From
>     the manual:
>
>     "Forwarding occurs only on those queries for which the server is
>     not authoritative and does not have the answer in its cache."
>
>     What exactly are you trying to achieve?
>
>     John
>
>
>
>     On Wed, Apr 30, 2014 at 3:55 PM, Jeronimo L. Cabral
>     <jelocabral at gmail.com <mailto:jelocabral at gmail.com>> wrote:
>
>         Dear, I would like to ask for solution related with DNS (bind)
>         configuration to allow forward requests to another DNS but
>         related with the same domain.
>
>         I'm asking about two authoritative name servers serving the
>         same domain but with different zone file info on each and have
>         one of them forward recursive queries to another one if first
>         one cannot find some particular subdomain record that is
>         missing in his version of zone file.
>
>         My named.conf.local is as follow, but it doesn't work:
>
>         zone "company.com <http://company.com>" {
>             type master;
>             file "/etc/bind/zones/company.com.db";
>         allow-transfer { key "company"; };
>             check-names ignore;
>             forward first;
>             forwarders { 172.16.1.1; };
>         };
>
>         Thanks a lot,
>
>         JeLo
>
>
>         _______________________________________________
>         Please visit https://lists.isc.org/mailman/listinfo/bind-users
>         to unsubscribe from this list
>
>         bind-users mailing list
>         bind-users at lists.isc.org <mailto:bind-users at lists.isc.org>
>         https://lists.isc.org/mailman/listinfo/bind-users
>
>
>
>
>     -- 
>     John Miller
>     Systems Engineer
>     Brandeis University
>     johnmill at brandeis.edu <mailto:johnmill at brandeis.edu>
>     (781) 736-4619
>
>     _______________________________________________
>     Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>     unsubscribe from this list
>
>     bind-users mailing list
>     bind-users at lists.isc.org <mailto:bind-users at lists.isc.org>
>     https://lists.isc.org/mailman/listinfo/bind-users
>
>
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20140430/3329eac5/attachment-0001.html>

More information about the bind-users mailing list