Problem with forward zone in view
Carol Overes
carol at overes.net
Sun Sep 8 11:06:20 UTC 2013
Hi Phil,
Apologies if my approach was not clear, after Steve's mail. But I tested
by using dig without the +trace option. I have tested the following from
an IP, which is accepted via the trusted ACL:
dig @10.10.10.1 www.domain2.com A
dig @10.10.10.1 domain2.com NS
And directly from the internal DNS server 10.10.10.1:
dig @127.0.0.1 www.domain2.com A
dig @127.0.0.1 domain2.com NS
Regards,
Carol
On Sun, Sep 08, 2013 at 11:54:34AM +0100, Phil Mayers wrote:
> You're not understanding:
>
> +trace is done client-side, and from the top-down. It doesn't honour
> any forwarders set server-side. It also doesn't replicate what a
> real recursive client does, so it's not a good test.
>
> What happens if you test without +trace? Just do:
>
> dig @10.x.x.x www.domain2.com
>
> Ignore +trace - it's not useful in this situation.
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the bind-users
mailing list