On 8/27/2013 1:07 PM, Colin Harvey wrote:
> My environment is firewalled from the real world. For queries on
> zones to which I'm not master, I want to recurse to a corporate
> server. nslookup some.internal.hostname.com
> internal.corporate.server works fine.

nslookup is a terrible DNS troubleshooting tool. Try dig. And to mimic
how your nameserver would talk to the other nameserver, use the options
+norec and +bufsiz=4096 (unless you've changed your EDNS0 buffer size
from the default, in which case, plug in that value instead).

> Setting "." to use this internal server in the root.hints file does
> not. In fact I do not even see my system trying to recurse. (I'm
> looking at network traffic with a sniffer.)
> My root.hints:
> . 600 IN NS internal.corporate.server.
> internal.corporate.server. 600 IN A 192.168.1.1

Do you have recursion enabled?

> Alternatively I've set up a forwarding zone in named.conf to query
> 192.168.1.1 for 'internal.hostname.com'.

Ugh, don't do that. Forwarding is for getting around network
restrictions or limitations, and you haven't (so far) indicated that you
have any of those to deal with.
- Kevin
bind-users mailing list
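
What `+norec` and `+bufsiz=4096` change on the wire, as an added example that is not part of the original message: a Python sketch that builds the query with the RD bit cleared and an EDNS0 OPT record advertising 4096 bytes, next to a stub-style query, and decodes both. The function names and the query ID are assumptions for illustration; the hostname is the one from the thread.

```python
import struct

RD_FLAG = 0x0100   # "recursion desired" bit in the DNS header flags
OPT_TYPE = 41      # EDNS0 OPT pseudo-record type (RFC 6891)

def encode_name(name):
    """Encode a hostname as length-prefixed DNS labels."""
    labels = [l.encode("ascii") for l in name.rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"

def build_query(name, recurse, bufsize, qid=0x1234, qtype=1):
    """Build an A query. bufsize=None sends no EDNS0 OPT record."""
    flags = RD_FLAG if recurse else 0
    arcount = 0 if bufsize is None else 1
    packet = struct.pack("!6H", qid, flags, 1, 0, 0, arcount)
    packet += encode_name(name) + struct.pack("!HH", qtype, 1)  # class IN
    if bufsize is not None:
        # OPT RR: root owner name, TYPE=41, CLASS carries the UDP payload
        # size, TTL (extended RCODE/version/flags) = 0, RDLENGTH = 0.
        packet += b"\x00" + struct.pack("!HHIH", OPT_TYPE, bufsize, 0, 0)
    return packet

def describe(packet):
    """Decode the fields of a single-question query built above."""
    _, flags, _, _, _, arcount = struct.unpack("!6H", packet[:12])
    pos, labels = 12, []
    while packet[pos]:
        length = packet[pos]
        labels.append(packet[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    pos += 1 + 4  # skip the root label, QTYPE and QCLASS
    bufsize = None
    if arcount:
        rtype, rclass = struct.unpack("!HH", packet[pos + 1:pos + 5])
        if rtype == OPT_TYPE:
            bufsize = rclass
    return {"qname": ".".join(labels), "rd": bool(flags & RD_FLAG),
            "edns_bufsize": bufsize}

NAME = "some.internal.hostname.com"  # hostname from the thread
# Constructed sample of a stub-style query: RD set, no EDNS0 record.
stub_query = build_query(NAME, recurse=True, bufsize=None)
# What dig +norec +bufsiz=4096 asks for: RD clear, 4096-byte EDNS0 buffer.
server_query = build_query(NAME, recurse=False, bufsize=4096)

if __name__ == "__main__":
    print("stub  :", describe(stub_query))
    print("server:", describe(server_query))
```

Comparing the two decoded queries against a sniffer capture shows whether the local nameserver is sending server-style (RD clear, EDNS0) queries at all.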