On Feb 21, 2012, at 9:51 AM, Marseglia, Michael wrote:

> Hello,
>
> I’m looking for advice on an issue. I have a publicly registered domain
> which we also use internally. I have bind configured as a caching DNS
> server. Bind is configured to use four other Windows DNS servers as
> forwarders for the domain. Bind should be using the root servers for
> anything not configured to forward.
>
> Bind replies with the correct name record when I perform a query using the
> fqdn for a machine. However, the authority and additional portion of the
> query returns the root servers.
>
> The Windows DNS servers are returned if I perform a query for the NS
> records of the internal domain.
>
> Subsequent DNS queries using the fqdn show the appropriate, internal
> Windows DNS servers.

This is harmless and normal.

> I don’t understand why BIND is attempting to resolve the private, internal
> domain using the root servers when I have a forwarders statement in my
> configuration file specifying our internal DNS servers.

It's not.

> Is there an article that addresses this issue or can someone please point
> me to the correct resource so I can understand what is going on?

- BIND receives query for hostname in internal domain
- BIND forwards query to MS DNS server
- MS DNS server answers authoritatively, but does not include auth and add'l sections
- BIND evaluates answer and accepts it
- BIND sends answer back to client, along with the best auth and add'l data it has in cache, which might be from the root zone
- Client gets answer, but drops auth and add'l sections

Harmless. Normal. Nothing to be worried about.

Regards,
Chris Buxton
BlueCat Networks
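An added example, not part of the original thread: a small parser for dig-style output that tells the two responses described above apart, an answer padded with root NS records from cache versus the same answer once the internal zone's NS records are cached. The host names, addresses and the `classify` labels are assumptions made for illustration.

```python
import re

# Constructed dig-style output; every name and address is a placeholder.
FIRST_QUERY = """\
;; QUESTION SECTION:
;host1.corp.example.com.  IN  A
;; ANSWER SECTION:
host1.corp.example.com.  3600  IN  A  10.0.0.25
;; AUTHORITY SECTION:
.  517000  IN  NS  a.root-servers.net.
;; ADDITIONAL SECTION:
a.root-servers.net.  517000  IN  A  198.41.0.4
"""
# The same query once the internal zone's NS records are in cache (constructed).
LATER_QUERY = FIRST_QUERY.split(";; AUTHORITY")[0] + (
    ";; AUTHORITY SECTION:\n"
    "corp.example.com.  3600  IN  NS  dc1.corp.example.com.\n")

def parse_sections(text):
    """Return {section: [fields, ...]} for the record lines of dig output."""
    sections, current = {}, None
    for line in text.splitlines():
        header = re.match(r";; (\w+) SECTION:", line)
        if header:
            current = header.group(1).lower()
            sections[current] = []
        elif current == "question" and line.startswith(";"):
            sections[current].append(line[1:].split())
        elif current and line.strip() and not line.startswith(";"):
            sections[current].append(line.split(None, 4))
    return sections

def covers(qname, owner):
    """True if owner is qname or a non-root ancestor of it."""
    q, o = qname.lower().rstrip("."), owner.lower().rstrip(".")
    return o != "" and (q == o or q.endswith("." + o))

def classify(text):
    """Describe what the authority section says about an answered query."""
    s = parse_sections(text)
    qname = s["question"][0][0]
    if not any(rr[0].lower() == qname.lower() for rr in s.get("answer", [])):
        return "no-answer"
    owners = {rr[0] for rr in s.get("authority", [])
              if len(rr) == 5 and rr[3] == "NS"}
    if not owners:
        return "answer-only"
    if any(covers(qname, o) for o in owners):
        return "answer-with-zone-ns"
    return "answer-with-root-ns" if owners == {"."} else "answer-with-unrelated-ns"
```

In both cases the answer section is identical; only the cached authority data attached to it differs.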