On 11/13/2009 6:44 AM, Jonathan Petersson wrote:
> Someone correct me if I'm wrong but using BIND you must have the full
> zone, partial forwarding/proxying isn't built in so you would need to
> download the zone and replace the data you need to change.

If all you want to do is change an A record (served from an external
zone) to a different internal IP address, then it's doable with BIND.
For example, if I want to redirect svn.example.org to the internal IP
address rather than the public IP address, I add the following zone file
(called "svn.example.org" in my setup):

$ORIGIN .
$TTL 600        ; 10 minutes
svn.example.com         IN SOA  fw.internal.example.org. dns.example.com. (
                                2007052665 ; serial
                                3600       ; refresh (1 hour)
                                900        ; retry (15 minutes)
                                7200       ; expire (2 hours)
                                3600       ; minimum (1 hour)
                                )
                        NS      fw.internal.example.org.
$ORIGIN svn.example.com.
                        A       192.168.0.9

So clients inside the LAN who talk to this DNS server and ask for
"svn.example.com" will get the 192.168.0.9 address. Clients outside the
LAN or who don't use the DNS server will get the public IP address from
the public DNS records.

I don't recall offhand if there's more to it, it's been a year or more
since I set up that record. Basically you're adding a local private zone
that is named the same as the DNS record that you're overloading and
telling BIND to pretend that it is authoritative for that record.
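
Added example (not part of the original message): a Python check that parses the zone file quoted above and, against a constructed list of public records, reports which public records clients of the internal server stop seeing, since a server that is authoritative for svn.example.com answers every query at or below that name from this file alone. PUBLIC, absolute, parse_zone and shadowed are names made up for this illustration.

```python
import re

# Zone file from the message above; record lines indented so "NS"/"A" are types.
ZONE = """\
$ORIGIN .
$TTL 600 ; 10 minutes
svn.example.com IN SOA fw.internal.example.org. dns.example.com. (
        2007052665 ; serial
        3600 900 7200 3600 ; refresh retry expire minimum
        )
        NS fw.internal.example.org.
$ORIGIN svn.example.com.
        A 192.168.0.9
"""
# Constructed sample of public records (assumption, not from the message).
PUBLIC = {("svn.example.com.", "A"), ("svn.example.com.", "AAAA"),
          ("old.svn.example.com.", "A"), ("www.example.com.", "A")}

def absolute(name, origin):
    """Qualify a relative owner name against the current $ORIGIN."""
    if name.endswith("."):
        return name
    return name + "." if origin == "." else name + "." + origin

def parse_zone(text):
    """Return {(owner, rtype): [rdata]} for a simple BIND master file."""
    text = re.sub(r";[^\n]*", "", text)              # drop comments
    text = re.sub(r"\(([^)]*)\)",                    # join ( ... ) continuations
                  lambda m: m.group(1).replace("\n", " "), text)
    origin, owner, records = ".", None, {}
    for line in text.splitlines():
        tok = line.split()
        if not tok or tok[0] == "$TTL":
            continue
        if tok[0] == "$ORIGIN":
            origin = tok[1]
            continue
        if not line[0].isspace():                    # line states an owner name
            owner = absolute(tok.pop(0), origin)
        while tok[0].isdigit() or tok[0].upper() == "IN":
            tok.pop(0)                               # optional TTL and class
        records.setdefault((owner, tok[0].upper()), []).append(" ".join(tok[1:]))
    return records

def shadowed(records, public):
    """Public records under the override zone's apex that it does not carry."""
    apex = next(owner for owner, rtype in records if rtype == "SOA")
    return sorted((o, t) for o, t in public
                  if (o == apex or o.endswith("." + apex)) and (o, t) not in records)
```

Each pair returned by `shadowed(parse_zone(ZONE), PUBLIC)` is a record that has to be copied into the override zone if internal clients still need it.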