Re: Define an internal zone with only a couple of A records, then forward to an external dns server
Alberto wrote on 01/17/2013 10:09:00 AM: - I want to define in my dns server a zone external_partner.com, which is the domain of our partner who manages it with his dns public server dns.external_partner.com. - I need to define into this zone a couple of servers (vpn_host_1.external_partner.com, vpn_host_2.external_partner.com) because we connect via vpn to our partner. - I want that the rest of the names, e.g. www.external_partner.com , are resolved forwarding the requests to the dns of our partner. Can you use host_[1|2].vpn.external_partner.com instead? Then you can define a zone for vpn.external_partner.com with those A records, and a forward zone for the rest of external_partner.com (but not including vpn.external_partner.com). Confidentiality Notice: This electronic message and any attachments may contain confidential or privileged information, and is intended only for the individual or entity identified above as the addressee. If you are not the addressee (or the employee or agent responsible to deliver it to the addressee), or if this message has been addressed to you in error, you are hereby notified that you may not copy, forward, disclose or use any part of this message or any attachments. Please notify the sender immediately by return e-mail or telephone and delete this message from your system. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Define an internal zone with only a couple of A records, then forward to an external dns server
If you load the zone your server will believe it knows everything about the zone and not forward anything below it. If you load foo.com with two records, nothing but those two records will ever resolve on that server for foo.com. One way to make it work would be to load two zones. Vpn1.foo.com and vpn2.foo.com each with their A records. Then you would only blackhole things below vpn1.foo.com and vpn2.foo.com. On Jan 17, 2013 10:09 AM, Alberto Zanon alberto.za...@edistar.com wrote: Hi all, I googled all the morning without success :( I'm using Bind 9.9.1 and i'm a newbie of Bind. This is my goal: - I want to define in my dns server a zone external_partner.com, which is the domain of our partner who manages it with his dns public server dns.external_partner.com. - I need to define into this zone a couple of servers (vpn_host_1. external_partner.com, vpn_host_2.external_partner.com) because we connect via vpn to our partner. - I want that the rest of the names, e.g. www.external_partner.com, are resolved forwarding the requests to the dns of our partner. I tried this without success: - in named.conf: zone external_partner.com { type master; file master/ external_partner.com.zon; forwarders {xxx.xxx.xxx.xxx;}; }; and I have recursion yes in the options. - in external_partner.com.zon I have only the two entries: $TTL300 @ IN SOA dns.edistar.com. admin.dns.edistar.com. ( 2013011701 ; Serial 300 ; Refresh 300 ; Retry every hour 300 ; Expire after a week 300 ) ; Minimum ttl of 1 day IN NS dns.edistar.com. TXT vpn servers vpn_host_1.external_partner.com. IN A xxx.xxx.xxx.xxx vpn_host_2.external_partner.com. IN A xxx.xxx.xxx.xxx I read about forward first option but is the opposite of my goal, correct? Thanks in advance for your responses. Alberto Zanon ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Define an internal zone with only a couple of A records, then forward to an external dns server
On 17/01/13 15:16, wbr...@e1b.org wrote: Alberto wrote on 01/17/2013 10:09:00 AM: - I want to define in my dns server a zone external_partner.com, which is the domain of our partner who manages it with his dns public server dns.external_partner.com. - I need to define into this zone a couple of servers (vpn_host_1.external_partner.com, vpn_host_2.external_partner.com) because we connect via vpn to our partner. - I want that the rest of the names, e.g. www.external_partner.com , are resolved forwarding the requests to the dns of our partner. Can you use host_[1|2].vpn.external_partner.com instead? Then you can define a zone for vpn.external_partner.com with those A records, and a forward zone for the rest of external_partner.com (but not including vpn.external_partner.com). Does static-stub do what you want? https://kb.isc.org/article/AA-00845/116/BIND-9.9-Administrator-Reference-Manual-ARM.html ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Define an internal zone with only a couple of A records, then forward to an external dns server
Thank you for all your replies! I'll try to implement your suggestions using a subdomain. Best regards. Alberto Zanon - Messaggio originale - Da: Ben Croswell ben.crosw...@gmail.com A: Alberto Zanon alberto.za...@edistar.com Cc: bind-users@lists.isc.org Inviato: Giovedì, 17 gennaio 2013 16:21:36 Oggetto: Re: Define an internal zone with only a couple of A records, then forward to an external dns server If you load the zone your server will believe it knows everything about the zone and not forward anything below it. If you load foo.com with two records, nothing but those two records will ever resolve on that server for foo.com . One way to make it work would be to load two zones. Vpn1.foo.com and vpn2.foo.com each with their A records. Then you would only blackhole things below vpn1.foo.com and vpn2.foo.com . On Jan 17, 2013 10:09 AM, Alberto Zanon alberto.za...@edistar.com wrote: Hi all, I googled all the morning without success :( I'm using Bind 9.9.1 and i'm a newbie of Bind. This is my goal: - I want to define in my dns server a zone external_partner.com , which is the domain of our partner who manages it with his dns public server dns.external_partner.com . - I need to define into this zone a couple of servers (vpn_host_1. external_partner.com , vpn_host_2. external_partner.com ) because we connect via vpn to our partner. - I want that the rest of the names, e.g. www.external_partner.com , are resolved forwarding the requests to the dns of our partner. I tried this without success: - in named.conf: zone external_partner.com { type master; file master/ external_partner.com .zon; forwarders {xxx.xxx.xxx.xxx;}; }; and I have recursion yes in the options. - in external_partner.com .zon I have only the two entries: $TTL 300 @ IN SOA dns.edistar.com . admin.dns.edistar.com . ( 2013011701 ; Serial 300 ; Refresh 300 ; Retry every hour 300 ; Expire after a week 300 ) ; Minimum ttl of 1 day IN NS dns.edistar.com . TXT vpn servers vpn_host_1. external_partner.com . IN A xxx.xxx.xxx.xxx vpn_host_2. external_partner.com . IN A xxx.xxx.xxx.xxx I read about forward first option but is the opposite of my goal, correct? Thanks in advance for your responses. Alberto Zanon ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users