On Jun 3, 2013, at 4:31 PM, John Miller <johnm...@brandeis.edu> wrote:
> Hi Mike,
>
> To keep my answer simple, if BIND is set up to allow recursion, and gets a
> recursive query for a zone it's not authoritative for, it'll:
>
> 1) Answer from cache
> 2) pass the query off to the configured forwarders
> 3) If the forwarders are unavailable, follow delegation itself to answer the
> query.
>
> BIND is only authoritative for a zone if there's a
>
> zone {}
>
> block for it (or its parent zone).
Weeeeeeelll, mostly.
built-in empty zones…
W
>
> As Steven mentioned, you can set BIND up to act as authoritative for a domain
> you don't own (e.g. malware.site.tld) so that your users get a false answer
> to their queries. It's a pretty common anti-malware/anti-spam practice, and
> also gets used (for example) in wifi captive portals.
>
> John
>
> On 06/03/2013 03:36 PM, Ward, Mike S wrote:
>> Hello all, I was trying to follow the thread on the NXDOMAIN and got lost.
>> :) I have a question about using forwarders. If the DNS that is using
>> forwarders receives a query for a zone it's not authoritative for even if
>> it's in the same network, does it go to the forwarders for zone information?
>> I'm trying to get my head around what was discussed in the NXDOMAIN thread.
>> What makes a DNS authoritative for a zone?
>>
>> ==========================
>> This email, and any files transmitted with it, is confidential and intended
>> solely for the use of the individual or entity to which it is addressed. If
>> you have received this email in error, please notify the system manager.
>> This message contains confidential information and is intended only for the
>> individual named. If you are not the named addressee, you should not
>> disseminate, distribute or copy this e-mail. Please notify the sender
>> immediately by e-mail if you have received this message by mistake and
>> delete this e-mail from your system. If you are not the intended recipient,
>> you are notified that disclosing, copying, distributing or taking any action
>> in reliance on the contents of this information is strictly prohibited.
>> _______________________________________________
>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>> unsubscribe from this list
>>
>> bind-users mailing list
>> bind-users@lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
>>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
--
It is impossible to sharpen a pencil with a blunt axe. It is equally vain
to try to do it with ten blunt axes instead.
-- E.W Dijkstra, 1930-2002
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
