On Tue, Oct 10, 2017 at 11:21 AM, seanliam73 <sean.orei...@landg.com> wrote:
> Hi
>
> I have a subdomain delegated from AD to a bind9 instance I have running
> that
> so that all requests for that subdomain are sent to the bind 9 instance. I
> would then like to set up zone forwarding so that further subdomains can be
> managed by other bind 9 instances.
>
> I know the forwarding is working because I can query the main bind9
> instance
> at receive the expected results. However if I query from the AD server that
> is doing the delegation I get a SERVFAIL error.
>
> Am I trying to do something that is not possible or am I just missing some
> configuration.
>
> *main instance config*
>
> options {
> directory "/var/named";
> listen-on port 53 { listen addr; };
> auth-nxdomain yes;
> recursion yes;
> allow-query { ip addresses; };
>
--------- You might also need to add:
allow-recursion { ip addresses; };
--
Bob Harold
> listen-on-v6 { any; };
> dnssec-enable no;
> dnssec-validation no;
> dnssec-lookaside auto;
> };
>
> logging {
> channel default_debug {
> file "data/named.run";
> severity debug 3;
> };
>
> channel querylog {
> file "data/query.log";
> severity debug 5;
> };
>
> category default { default_debug; };
> category queries { querylog; };
> };
>
> zone "example.company.com" IN {
> type forward;
> forward only;
> forwarders { ip address; };
> };
>
> zone "development.example.company.com" IN {
> type forward;
> forward only;
> forwarders { ip address; };
> };
>
>
>
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
