Re: Forwarding request to another DNS server but the same domain

[Kevin Darcy]

I'm still not understanding your constraints. If *all* updates come in 
through Dynamic Update, then you don't need freeze/unfreeze.

        - Kevin
On 4/30/2014 6:47 PM, Jeronimo L. Cabral wrote:
In office #1, the "company.com <http://company.com>" master zone is 
updated automatically from some Windows machines inn DNS1 and in 
office #2 the same zone is updated manually in DNS2 by the 
administrator who shouldn't update (using freeze and unfreeze) the 
master zone from office #1. This is the scenario, and we need that a 
simple query to DNS1 be responded with any record from both zones.

Thanks again


On Wed, Apr 30, 2014 at 5:54 PM, Kevin Darcy <k...@chrysler.com 
<mailto:k...@chrysler.com>> wrote:

    Oh, I thought this was an external-versus-internal scenario. But,
    this is even easier.

    A) One of the nameservers (pick DNS1 or DNS2) becomes a slave (of
    the "stealth" variety, if you want) of the other
    B) People use nsupdate to maintain the zone

    For security, TSIG-sign the updates. For fast change propagation,
    set up NOTIFY if and as necessary.

                            - Kevin


    On 4/30/2014 4:32 PM, Jeronimo L. Cabral wrote:
    Dear John, this is my scenario:

    1) Office 1: people work with some machines and fill up a local
    master zone "company.com <http://company.com>" with records in DNS1
    2) Office 2: people works with some others machines and fill up a
    local master zone "company.com <http://company.com>" with another
    records in DNS2

    So both office have a different master zone.

    Both offices belong to the same company, so I need that any
    client PC can resolve a hostname from "company.com
    <http://company.com>" domain, independently if this record is in
    DNS1 or DNS2.

    Thanks again, regards.

    JeLo



    On Wed, Apr 30, 2014 at 5:21 PM, John Miller
    <johnm...@brandeis.edu <mailto:johnm...@brandeis.edu>> wrote:

        Hi Jeronimo,

        First of all, please just tell us the real domain.  Yes, we
        could try and talk about a fictitious "example.com
        <http://example.com>" or "company.com <http://company.com>,"
        but having the real domain name lets us actually query your
        nameservers.

        Let me be sure I understand: you have two DNS servers.  Each
        of them is authoritative for the same domain.  Are both set
        as master?

        The two servers have different copies of the zone--what's
        your reason for that?

        If both servers think they are authoritative for a zone, then
        they will answer recursive queries for those zones
        themselves.  From the manual:

        "Forwarding occurs only on those queries for which the server
        is not authoritative and does not have the answer in its cache."

        What exactly are you trying to achieve?

        John



        On Wed, Apr 30, 2014 at 3:55 PM, Jeronimo L. Cabral
        <jelocab...@gmail.com <mailto:jelocab...@gmail.com>> wrote:

            Dear, I would like to ask for solution related with DNS
            (bind) configuration to allow forward requests to another
            DNS but related with the same domain.

            I'm asking about two authoritative name servers serving
            the same domain but with different zone file info on each
            and have one of them forward recursive queries to another
            one if first one cannot find some particular subdomain
            record that is missing in his version of zone file.

            My named.conf.local is as follow, but it doesn't work:

            zone "company.com <http://company.com>" {
              type master;
              file "/etc/bind/zones/company.com.db";
              allow-transfer { key "company"; };
              check-names ignore;
              forward first;
              forwarders { 172.16.1.1; };
            };

            Thanks a lot,

            JeLo


            _______________________________________________
            Please visit
            https://lists.isc.org/mailman/listinfo/bind-users to
            unsubscribe from this list

            bind-users mailing list
            bind-users@lists.isc.org <mailto:bind-users@lists.isc.org>
            https://lists.isc.org/mailman/listinfo/bind-users




        -- 
        John Miller
        Systems Engineer
        Brandeis University
        johnm...@brandeis.edu <mailto:johnm...@brandeis.edu>
        (781) 736-4619

        _______________________________________________
        Please visit
        https://lists.isc.org/mailman/listinfo/bind-users to
        unsubscribe from this list

        bind-users mailing list
        bind-users@lists.isc.org <mailto:bind-users@lists.isc.org>
        https://lists.isc.org/mailman/listinfo/bind-users




    _______________________________________________
    Please visithttps://lists.isc.org/mailman/listinfo/bind-users  to 
unsubscribe from this list

    bind-users mailing list
    bind-users@lists.isc.org  <mailto:bind-users@lists.isc.org>
    https://lists.isc.org/mailman/listinfo/bind-users


    _______________________________________________
    Please visit https://lists.isc.org/mailman/listinfo/bind-users to
    unsubscribe from this list

    bind-users mailing list
    bind-users@lists.isc.org <mailto:bind-users@lists.isc.org>
    https://lists.isc.org/mailman/listinfo/bind-users



_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users