Thomas Harold wrote:
> On 11/13/2009 6:44 AM, Jonathan Petersson wrote:
>> Someone correct me if I'm wrong but using BIND you must have the full
>> zone, partial forwarding/proxying isn't built in so you would need to
>> download the zone and replace the data you need to change.
>
> If all you want to do is change an A record (served from an external
> zone) to a different internal IP address, then it's doable with BIND.
> For example, if I want to redirect svn.example.org to the internal IP
> address rather than the public IP address, I add the following zone
> file (called "svn.example.org" in my setup):
>
> $ORIGIN .
> $TTL 600 ; 10 minutes
> svn.example.com IN SOA fw.internal.example.org. dns.example.com. (
>                 2007052665 ; serial
>                 3600       ; refresh (1 hour)
>                 900        ; retry (15 minutes)
>                 7200       ; expire (2 hours)
>                 3600       ; minimum (1 hour)
>                 )
>                 NS fw.internal.example.org.
> $ORIGIN svn.example.com.
>                 A 192.168.0.9
>
> So clients inside the LAN who talk to this DNS server and ask for
> "svn.example.com" will get the 192.168.0.9 address. Clients outside
> the LAN or who don't use the DNS server will get the public IP address
> from the public DNS records.
>
> I don't recall offhand if there's more to it, it's been a year or more
> since I set up that record. Basically you're adding a local private
> zone that is named the same as the DNS record that you're overloading
> and telling BIND to pretend that it is authoritative for that record.

I thought I tried this. I retried and guess what, it worked. Seems like
my original setup was wrong. I must have misused the $ORIGIN keyword.
Nonetheless, I think I'm going to keep pdnsd, as it's easier to set up
for my use.

Thanks a lot!
Johan
--
Johan VAN RYSEGHEM - Développeur RIAS
Websiteburo | Agence Media Interactive | Bordeaux/Paris
johan.van.ryseg...@websiteburo.com : 06.77.88.51.60 - Fixe : 05.47.74.74.20
http://www.websiteburo.com
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
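
The thread turns on how $ORIGIN, trailing dots and blank owner fields decide which name each record in the override zone belongs to. The Python sketch below is an added example, not code from the thread or from BIND: it resolves owner names by those rules over a constructed, condensed copy of the zone file quoted above. The function names and the simplified parsing are assumptions of the example.

```python
# Constructed sample: the override zone from the thread, re-typed for this example.
ZONE = """\
$ORIGIN .
$TTL 600 ; 10 minutes
svn.example.com IN SOA fw.internal.example.org. dns.example.com. (
        2007052665 ; serial
        3600 900 7200 3600 )
        NS fw.internal.example.org.
$ORIGIN svn.example.com.
        A 192.168.0.9
"""
TYPES = {"SOA", "NS", "A", "AAAA", "MX", "CNAME", "TXT"}

def absolute(name, origin):
    """RFC 1035 naming: '@' is the origin, a trailing dot means already absolute."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    return name + "." if origin == "." else name + "." + origin

def owners(zone_text):
    """Return (owner, type) per record, resolving $ORIGIN and blank owners.
    Simplified: no quoted ';', no $INCLUDE, owner must start in column one."""
    origin, last, depth, out = ".", None, 0, []
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip():
            continue
        continuation = depth > 0  # still inside a parenthesised record
        depth += line.count("(") - line.count(")")
        if continuation:
            continue
        fields = line.split()
        if fields[0] == "$ORIGIN":
            origin = absolute(fields[1], origin)
        elif not fields[0].startswith("$"):
            if not line[0].isspace():  # owner field present
                last = absolute(fields.pop(0), origin)
            rtype = next(f.upper() for f in fields if f.upper() in TYPES)
            out.append((last, rtype))
    return out

if __name__ == "__main__":
    for owner, rtype in owners(ZONE):
        print(f"{owner:<40} {rtype}")
```

All three records land on `svn.example.com.`, so BIND answers authoritatively for that name only. An owner written as `svn.example.com` (no trailing dot) under `$ORIGIN svn.example.com.` would instead resolve to `svn.example.com.svn.example.com.`, a common way to get $ORIGIN wrong in a zone like this.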