Old 05-09-2008, 10:59 AM   #1
tilman1
Member
 
Registered: Mar 2007
Location: Stuttgart, Germany
Distribution: gentoo
Posts: 72

Rep: Reputation: 15
bind9: configuration: non-authoritative zone


Hello,

I have a name server installed servicing my private network. DNS queries outside this network are forwarded to the DNS of my ISP.

Now, I would like to add DNS resolution of an additional domain that I temporarily connect to via IPSEC. The DNS of my network shall return the name server of the temporarily connected domain to asking clients.
I guess I have to add a glue record for the name server of the additional domain. I am however unsure how to do that. A sample would be appreciated.


Thanks
Tilman
 
Old 05-10-2008, 10:54 AM   #2
tilman1
Member
 
Registered: Mar 2007
Location: Stuttgart, Germany
Distribution: gentoo
Posts: 72

Original Poster
Rep: Reputation: 15
I guess something like this might be the answer to my question. I am just not too sure what it does, and it is not working as intended.
The idea is to forward all requests originating from mydomain to the name server of subdomain.myotherdomain.com. 10.0.0.11 is the DNS of subdomain.myotherdomain.com.

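/etc/named.conf

    // Forward lookups for the remote domain to its name server
    zone "subdomain.myotherdomain.com" in {
        type forward;
        forwarders { 10.0.0.11; };
    };

    // Forward reverse lookups for 10.0.x.x to the same name server
    zone "0.10.in-addr.arpa" IN {
        type forward;
        forwarders { 10.0.0.11; };
    };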

The name server of subdomain.myotherdomain.com seems not to answer the DNS request. I wonder whether the issue lies with the domain server of subdomain.myotherdomain.com or with the name server of mydomain. Can anybody comment on that?

Thanks
 
Old 05-11-2008, 02:15 AM   #3
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 49
Quote:
The DNS of my network shall return the name server of the temporarily connected domain to asking clients.
That won't work at all. Your server can't tell the clients another server to ask, that isn't the way DNS is designed. Your server must answer the client, the client won't go ask another box.

Forwarding will do that, but the DNS server does the work. If a client asks for an address on the specified domain, your DNS server can be set to forward that request to the appropriate DNS server on the other side of the IPSEC connection, but it cannot dump that responsibility on the client, the client only knows how to ask its defined DNS box.

These links can help you with the setup of the zone, and I could help more if you used specific examples.

http://www.isc.org/sw/bind/arm93/Bv9...tement_grammar (specific)
http://www.isc.org/sw/bind/arm93/Bv9ARM.ch06.html (the full chapter, with more info)

Peace,
JimBass
 
Old 05-11-2008, 05:06 PM   #4
tilman1
Member
 
Registered: Mar 2007
Location: Stuttgart, Germany
Distribution: gentoo
Posts: 72

Original Poster
Rep: Reputation: 15
Dear Jim

Thanks for the references. I reconfigured, and using the correct IP address for the DNS server, it works :-)

Best regards

Tilman
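
Added example (not part of the thread and not any poster's code): a small checker for the forward zones shown in post #2. It flags forward zones without "forward only;", which matters here because BIND's default policy for a forward zone is "first": when the forwarder behind the IPsec link does not answer, named falls back to ordinary resolution and the private names are queried outside the tunnel. The zone "hardened.example" and all function names are hypothetical, and the check assumes the policy is set inside the zone statement itself.

```python
import re

# Constructed sample: the two forward zones from the thread plus a
# hypothetical third zone that pins the policy with "forward only;".
SAMPLE_CONF = '''
zone "subdomain.myotherdomain.com" in {
    type forward;
    forwarders { 10.0.0.11; };
};
zone "0.10.in-addr.arpa" IN {
    type forward;
    forwarders { 10.0.0.11; };
};
zone "hardened.example" IN { type forward; forward only; forwarders { 10.0.0.11; }; };
'''

ZONE_RE = re.compile(r'\bzone\s+"([^"]+)"\s*(?:in\s*)?\{', re.IGNORECASE)

def zone_bodies(text):
    """Yield (name, body) for each zone statement, matching nested braces."""
    # named.conf accepts /* */, // and # comments; drop them before parsing.
    text = re.sub(r'/\*.*?\*/|(?://|#)[^\n]*', '', text, flags=re.DOTALL)
    for m in ZONE_RE.finditer(text):
        depth, i = 1, m.end()
        while i < len(text) and depth:
            depth += {'{': 1, '}': -1}.get(text[i], 0)
            i += 1
        yield m.group(1), text[m.end():i - 1]

def audit_forward_zones(text):
    """Return {zone: [problems]} for forward zones that can leak or cannot forward."""
    findings = {}
    for name, body in zone_bodies(text):
        if not re.search(r'\btype\s+forward\s*;', body):
            continue  # only forward zones are of interest
        problems = []
        if not re.search(r'\bforward\s+only\s*;', body):
            problems.append('no "forward only;" (falls back to normal resolution)')
        fw = re.search(r'\bforwarders\s*\{([^}]*)\}', body)
        if not fw or not fw.group(1).strip():
            problems.append('empty forwarders list')
        if problems:
            findings[name] = problems
    return findings

if __name__ == "__main__":
    for zone, problems in audit_forward_zones(SAMPLE_CONF).items():
        print(zone, "->", "; ".join(problems))
```

Run against the configuration from post #2, both zones are reported; adding "forward only;" to each zone statement clears the finding.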
 
  

