Multiple roots?
Dave Wreski
dave at guardiandigital.com
Tue Jul 9 02:46:14 UTC 2002
Hi all,
I'm trying to configure an internal name server that is to become
authoritative for a top-level domain that is different than the
top-level of the company to which it belongs.
In other words, I have something like this:
[Internet]-----[DMZ]----[ns.inside.companyA.com]
| |
[ns.companyA.com] [internal network]
|
|
[ns.bigcompany.com]
ns.inside.companyA.com is also a proxy server. Hosts on the internal
network need to be able to resolve hosts within the bigcompany.com
domain using the bigcompany.com internal domain servers, not the one's
authoritative for the top-level domain.
ns.bigcompany.com has no knowledge of ns.inside.companyA.com.
The problem is that when clients on the internal network try to resolve
www.internal.bigcompany.com using ns.inside.companyA.com, the nameserver
seeks its answer from the public DNS servers on the Internet.
If I use forwarders on ns.inside.companyA.com with name servers capable
of resolving hosts in the private.bigcompany.com domain and a root cache
file containing the correct bigcompany-root.net servers, it works
correctly but then of course it's unable to resolve public Internet hosts.
If I use forwarders on ns.inside.companyA.com with a name server defined
in the public DMZ and public root servers, I'm of course able to resolve
hosts on the Internet but not the bigcompany.com internal hosts.
If I use the name server in the public DMZ as a forwarder combined with
the internal root servers, I receive the following for each of the 6
defined root servers:
08-Jul-2002 22:26:26.084 default: check_hints: no A records for
c.bigcompany-root.net class 1 in hints
What am I doing wrong? Is this even possible? Is it possible to somehow
define multiple roots or configure forwarders correctly?
Thanks,
Dave
--
Dave Wreski
Corporate Manager Guardian Digital, Inc.
(201) 934-9230 Pioneering. Open Source. Security.
dave at guardiandigital.com http://www.guardiandigital.com
More information about the bind-users
mailing list