No it won't forward unless you have all the records. I don't see how this is scalable.
Thanks, Brian Desmond [email protected] w - 312.625.1438 | c - 312.731.3132 From: Kennedy, Jim [mailto:[email protected]] Sent: Friday, February 10, 2012 9:45 AM To: NT System Admin Issues Subject: DNS Partial zone CNAMEs? Long story made somewhat short: We enforce safe search on google images with our filter. If a clever student hits https://www.google.com and searches for Excalibur Films images the safe search enforcement fails and they are going to get more than they should. And since I now know this, I will go to jail and my wife will be sad. So I need to do the below from Google: To utilize this solution, your school's network administrator would modify your DNS (Domain Name System) configuration to make Google domains, e.g. www.google.com<http://www.google.com> to be an alias or CNAME (canonical name) of nossl.google.com. When we see search requests arriving over the nossl end point we will redirect these to a non-SSL search session. HTTP traffic and other services will not be affected. I am a bit puzzled on how to do this. If I toss up a zone for google.com and put up a www.google.com<http://www.google.com> CNAME nossl.google.com What happens when someone tries to hit mail.google.com? My zone lookup will fail...will my DNS server then hit my forwarders for mail.google.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
