does zone trump forward?
Matus UHLAR - fantomas
uhlar at fantomas.sk
Sun Jun 2 21:43:50 UTC 2013
On 02.06.13 15:10, Jonathan Reed wrote:
>I've only ever come across bind configs where forwarding is in place to
>locate certain zones, then all other queries are handled by either
>recursion or authoritatively. But what about the other way around, where
>I'm master for a few zones but forward the rest? Consider this:
>
>view "the-internet" {
> recursion no;
this disables queries for any domain not specified locally.
The server will answer SERVFAIL....
> type forward;
the "type" does not belong to view definition.
> forwarders { 8.8.8.8; };
and forwarders are in fact useless when you have "recursion no".
They would only be used for BIND-initiated queries (e.g. used for sending
NOTIFY requests).
> zone "example.com" {
> type master
> file "example.com"
> ......
>}
>
>Whats confusing me is the implied configuration setting of forward first
>when the forward statement is used. If it truly forwards first, then I see
>an odd logical scenario happening. All queries are sent to the forwarder
>before being handled by localhost. Then, once the forwarder recognizes that
>I'm the master of example.com, why would a loop not occur if the forwarder
>matches this view?
local domains are served locally. Only recursive queries are being
forwarded.
>To ask the question another way, does the zone statement take precedence on
>matching queries over any forwarding?
yes.
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Atheism is a non-prophet organization.
More information about the bind-users
mailing list