Hello List, We are planning to migrate to Bind dns, I'm a bit newbie.
In our design we have two views; int and ext. As internal view, recursion is on and we have our internal zones & forwarders. I have no problem with internal view. In external view, recursion in no. Also have some zones. In testing external view, I can query the records in zones, thats not a problem also. But when I try to query, for example www.google.com<http://www.google.com> it returns the root servers records by dig. ;; QUESTION SECTION: ;ww. IN A ;; AUTHORITY SECTION: . 518400 IN NS D.ROOT-SERVERS.NET. . 518400 IN NS M.ROOT-SERVERS.NET. . 518400 IN NS C.ROOT-SERVERS.NET. . 518400 IN NS J.ROOT-SERVERS.NET. . 518400 IN NS G.ROOT-SERVERS.NET. . 518400 IN NS H.ROOT-SERVERS.NET. . 518400 IN NS I.ROOT-SERVERS.NET. . 518400 IN NS L.ROOT-SERVERS.NET. . 518400 IN NS F.ROOT-SERVERS.NET. . 518400 IN NS K.ROOT-SERVERS.NET. . 518400 IN NS A.ROOT-SERVERS.NET. . 518400 IN NS B.ROOT-SERVERS.NET. . 518400 IN NS E.ROOT-SERVERS.NET. And status: NOERROR also in nslookup: Name: www.google.com Served by: - E.ROOT-SERVERS.NET - F.ROOT-SERVERS.NET - J.ROOT-SERVERS.NET - G.ROOT-SERVERS.NET - D.ROOT-SERVERS.NET - C.ROOT-SERVERS.NET - A.ROOT-SERVERS.NET But in our existing DNS enviroment, I get status: SERVFAIL to same query. Is this a normal behaviour ? How can I disable this Authority section with root server NS records? My external view: view "EXTERNAL" { match-clients {"any";}; allow-query-on {ext_ip; }; recursion no; allow-recursion { none;}; #Include SLAVE zones include "slave.zones"; #Include REVERSE zones include "reverse.zones"; };// view EXTERNAL Regards, Okan.
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users