On 03/19/2013 08:10 PM, b...@bitrate.net wrote: > On Mar 18, 2013, at 23.04, Gerry Reno <gr...@verizon.net> wrote: > >> On 03/18/2013 10:25 PM, b...@bitrate.net wrote: >>> On Mar 18, 2013, at 20.27, Gerry Reno <gr...@verizon.net> wrote: >>> >>>> Using BIND 9.8.2 >>>> >>>> When you setup Samba 4 AD DC using BIND9_DLZ and your domain has external >>>> servers (eg: www,mail) at external providers >>>> this means that the ISP and the internal network nameservers will both >>>> have SOA record for the domain. >>> it's not really anything particularly related to samba or dlz. it's just >>> two different computers serving the same zone. you're just "hijacking" or >>> overloading that particular label. in addition to declaring the zone in >>> your config, you'll need to delegate that new zone from the parent. >>> >>> it's worth noting that this scales poorly. having to add delegations and >>> zone declarations for every label for which this is desired becomes quickly >>> prohibitive. instead, i'd suggest using a subdomain for samba - e.g. >>> something like ad.example.com. there are a number of other solutions as >>> well which would likely be more sensible than hijacking labels. >>> >>> -ben >>> >> If it was more than just a few labels I would do it another way. >> >> But this will suffice, if I can only get bind to actually get the forward >> zone working. >> >> I don't need any delegation. I'm not looking to slave the zone. > as i said, you'll need to delegate that new zone from the parent. i'm not > sure what slaves zones would have to do with that. > > -ben >
As I said, if I was going to do this for a bunch of labels I would add an external view and just slave it from the ISP which holds the SOA for the external answers. And sure delegation works. You don't even need a forward zone. So what exactly is the use case for this forward zone? I see a number of postings over several y ears where people have not been able to get the forward zone working. -Gerry _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
