Recursion Question

[LeBlanc, Daniel James]

Hello All.

I have a recursion via forwarder question.  Consider the following scenario:


-          A client sends a query to an internal recursive DNS server for the following A record: 'a.b.c.private.dns.com'

-          The Recursive DNS server is unaware of this domain and sends the request to its Forwarding DNS

-          The Forwarding DNS server has Internet access and begins the recursion process

o   It successfully determines the NS authoritative for 'private.dns.com'

o   It is unable to continue the resolution process as it does not have access to the NS authoritative for 'private.dns.com'

o   It times out and returns a failed response to the Recursive DNS

Is it possible to return the information that it has to the Recursive DNS server?  And if so, is it possible for the Recursive DNS server to complete the lookup against NS private.dns.com (it has network access)?  I have been unable to find any guidance on this and am concerned that this is not a supported scenario.  Alternatives under consideration are:


-          Allow Forwarding DNS access to NS responsible for 'private.dns.com'

-          Make Recursive DNS aware of zone 'private.dns.com' so that it does not use the Forwarding DNS

-          ?? (open to suggestions!)

Thanks in advance!

Daniel J. LeBlanc, P.Eng., MBA, DTME

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20211220/c6004787/attachment.htm>