On Wed, Dec 13, 2023 at 05:29:02PM +0100, Michel Diemer via bind-users <bind-users@lists.isc.org> wrote a message of 1723 lines which said:
> another virtual machine that uses the first one as ics dhcp and dns > server. An important thing about DNS: there are two types of DNS servers, very different. Resolvers and authoritative. They use the same protocol, and BIND can do both, but they have very different properties. > I have disabled IPv6 by setting link-local: [] in netplan's setting. Too bad. This is 2023, not the 20th century. > The name of the network (dns zone) is "reseau1.lan". When I "dig -4 > reseau1.lan" the AUTHORITY bit is set to 1. You mean AA (authoritative answer)? > Why or when should the AUTHORITY bit set to 1 ? What does it take > for nslookup to give me an authoritative answer ? nslookup is an old and not very satisfying program. I would suggest using dig instead. > If I "ping xxx.reseau1.lan" I get an NXDOMAIN answer. Why NXDOMAIN > and not NOERROR (NODATA) ? The domain "reseau1.lan" exists and my > dns server is authoritative for this zone (SOA record) but the > computer "xxx" on this domain does not. Should I use a wildcard dns > record ? Adding an entry for the "xxx" subdomain seems simpler. > I have tryed to empty the list of forwarders and disable the dns > cache ... should I configure a dns-resolver only for the domain > reseau1.lan and then a dns forwared for external dns queries ? Or > maybe configure the resolver for the lan network interface and the > forwarder on the internet network interface on the dns server ? I strongly suggest to separate resolver and authoritative. You normally have authoritative answers from the authoritative servers (surprise!) and non-authoritative from the resolvers, at least when their cache is warm. -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
