Authoritative for one domain, caching for the rest

Matus UHLAR - fantomas uhlar at fantomas.sk
Wed Mar 24 16:30:15 UTC 2021


On 24.03.21 17:08, Olivier wrote:
>After reading [1] and many trials, I couldn't figure out how to set a Bind9
>(9.11.5 on Debian Buster) server to operate this way:
>
>- server has two Ethernet interfaces, one connected to foo.lan/
>192.168.51.0/24 domain/network, the other connected to bar.lan/
>192.168.43.0/24 domain/network
>- I want it to resolve for bar.lan and for anything to query a DNS server
>available on foo.lan.
>
>My anonymized /etc/bind/named.conf.local content is:
>
>acl "good-guys" {
>   localnets;
>};
>
>zone "bar.lan" {
>   type master;
>   file "/etc/bind/db.bar.lan";
>   forwarders {};
>   allow-query { "good-guys"; };
>};
>
>zone "43.168.192.in-addr.arpa" {
>   type master;
>   file "/etc/bind/rev.43.168.192.in-addr.arpa";
>   forwarders {};
>};
>
>zone "foo.lan" {
>   type master;
>   file "/etc/bind/db.foo.lan";
>   forwarders { 192.168.51.1; };
>};
>
>zone "51.168.192.in-addr.arpa" {
>   type master;
>   file "/etc/bind/rev.51.168.192.in-addr.arpa";
>   forwarders { 192.168.51.1; };
>};
>
>Resolution works for:
>bar.lan,
>google.com
>host1.foo.lan if entry present in /etc/bind/db.foo.lan
>but it does not work for:
>host2.foo.lan if entry not present in /etc/bind/db.foo.lan

"file" is used in master and slave zones.
"forwarders" is used in "type forward" zones.

Those are mutually exclusive, so forwarders aren't used for master and
slave zones, while "file" is not used for "type forward" zones.

Maybe you want something like dnsmasq?


-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
We are but packets in the Internet of life (userfriendly.org)
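
The rule stated in the reply above, as an added example that is not part of the original message or of BIND: a small Python check that flags master or slave zones carrying a non-empty `forwarders` list and forward zones carrying `file`. The sample configurations are constructed from the quoted zone names and forwarder address, and the regex parser assumes each zone block closes with `};` at the start of a line.

```python
import re

# Constructed sample built from the quoted zone names and forwarder address:
# the zones as posted, then foo.lan rewritten as a "type forward" zone.
POSTED = '''
zone "bar.lan" {
   type master;
   file "/etc/bind/db.bar.lan";
   forwarders {};
};
zone "foo.lan" {
   type master;
   file "/etc/bind/db.foo.lan";
   forwarders { 192.168.51.1; };
};
'''
REWRITTEN = '''
zone "foo.lan" {
   type forward;
   forward only;
   forwarders { 192.168.51.1; };
};
'''

# Assumption: every zone block closes with "};" at the start of a line.
ZONE = re.compile(r'zone\s+"([^"]+)"\s*\{(.*?)\n\};', re.S)

def lint(conf):
    """Return (zone, message) pairs for zones that mix file and forwarders."""
    findings = []
    for name, body in ZONE.findall(conf):
        m = re.search(r'\btype\s+([\w-]+)\s*;', body)
        ztype = m.group(1) if m else None
        has_file = re.search(r'\bfile\s+"', body) is not None
        fwd = re.search(r'\bforwarders\s*\{([^}]*)\}', body)
        has_fwd = bool(fwd and fwd.group(1).strip())  # "forwarders {};" is empty
        if ztype in ("master", "slave") and has_fwd:
            findings.append((name, "forwarders set on a %s zone" % ztype))
        if ztype == "forward" and has_file:
            findings.append((name, "file set on a forward zone"))
        if ztype == "forward" and not has_fwd:
            findings.append((name, "forward zone without forwarders"))
    return findings

if __name__ == "__main__":
    for label, conf in (("posted", POSTED), ("rewritten", REWRITTEN)):
        print(label, lint(conf))
```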

