Hello list,
Here's my scenario:
I have multiple DNS servers (one master and a few slaves) authoritative for
a few zones (eg mydomain.com, zone1.mydomain.com etc).
I also have a caching server (a stock Redhat caching-nameserver.rpm
configuration, BIND 9.2.4 ) which is used by clients on LAN to query DNS for
zone1.mydomain.com.
As far as I understand this caching server does a full recursive resolution
to get information for zone1.mydomain.com ( going to root servers, then
going to .com servers then to mydomain.com server).
My obective is to convert this caching server into a slave server, which
will transfer the full zone1.mydomain.com.
Am I correct in the assumption that the slave server should answer queries
for zone1.mydomain.com directly as it has all the information?
I modified the config by adding
zone "zone1.mydomain.com" {
type slave;
file "mydomain/hosts.mydomain.com";
masters { A.B.C.D; };
};
to the caching server config and configured the master server to allow
transfers. The zone is being transfered correctly, mydomain/
hosts.mydomain.com is popupated.
However,
dig +trace @localhost host1.zone1.mydomain.com
shows that the server is still doing a full recursion, going to the root
servers, tld servers etc.
What am I missing? Do I also have to list my caching server as NS record in
the zone1.mydomain.com?
It's located on a private network and won't be able to answer queries from
the Internet.
Attached is my config file
===================================================
//
// named.conf for Red Hat caching-nameserver
//
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone
"0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN
{
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
zone "zone1.MYDOMAIN.COM" {
type slave;
file "mydomain/hosts.mydomain.com";
masters { A.B.C.D; };
};
include "/etc/rndc.key";
===================================================
Thanks
Rob
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
