Hi, I am looking for a way to start the DNS lookup algorithm somewhere further down the tree, instead of at the root, but only for a small specified set of domains.
I have a relatively large/complex DNS installation, where we run our own .LOCAL TLD mapped to RFC1918 IP space. Various departments and business units have their own authoritative name servers for subdomains within that space, and we delegate to them from our primary authoritative name server. This primary name server also holds our public authoritative data, also with delegations of (some) third-level subdomains to authoritative name servers run by the aforementioned departments and business units. I currently run dedicated caching servers (available only to internal clients), which are configured to forward anything within *.local and *.example.com to our primary authoritative server. The latter must currently recurse (at least) for the caches, since it's not guaranteed to be authoritative for all subdomains of *.local and *.example.com, but is still expected to return a full answer as a 'forwarder' configured in the caching servers' named.conf. What I would like to do instead is to modify the root hints on the caching servers by adding LOCAL. IN NS primary-auth-server.example.com EXAMPLE.COM. IN NS primary-auth-server.example.com primary-auth-server.example.com. IN A 111.222.333.444 so, rather than forwarding to 'primary-auth-server' they can simply begin their own lookup algorithm there instead of at the root servers (for *.local and *.example.com only). I tried modifying the root hints file on my caches as described, but BIND (9.6.1-P3) ignored my changes and kept starting the recursive lookup at the real root servers regardless. Any idea how I could make BIND do what I asked it to ? Alternatively, I'd also appreciate any insights into why what I'm asking for might be a very bad idea and shouldn't be done (or even supported at all in BIND) ! :) Thanks, --Gabriel _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users