On 03/19/2013 09:26 PM, b...@bitrate.net wrote: > On Mar 19, 2013, at 20.30, Gerry Reno <gr...@verizon.net> wrote: > >> On 03/19/2013 08:10 PM, b...@bitrate.net wrote: >>> On Mar 18, 2013, at 23.04, Gerry Reno <gr...@verizon.net> wrote: >>> >>>> On 03/18/2013 10:25 PM, b...@bitrate.net wrote: >>>>> On Mar 18, 2013, at 20.27, Gerry Reno <gr...@verizon.net> wrote: >>>>> >>>>>> Using BIND 9.8.2 >>>>>> >>>>>> When you setup Samba 4 AD DC using BIND9_DLZ and your domain has >>>>>> external servers (eg: www,mail) at external providers >>>>>> this means that the ISP and the internal network nameservers will both >>>>>> have SOA record for the domain. >>>>> it's not really anything particularly related to samba or dlz. it's just >>>>> two different computers serving the same zone. you're just "hijacking" >>>>> or overloading that particular label. in addition to declaring the zone >>>>> in your config, you'll need to delegate that new zone from the parent. >>>>> >>>>> it's worth noting that this scales poorly. having to add delegations and >>>>> zone declarations for every label for which this is desired becomes >>>>> quickly prohibitive. instead, i'd suggest using a subdomain for samba - >>>>> e.g. something like ad.example.com. there are a number of other >>>>> solutions as well which would likely be more sensible than hijacking >>>>> labels. >>>>> >>>>> -ben >>>>> >>>> If it was more than just a few labels I would do it another way. >>>> >>>> But this will suffice, if I can only get bind to actually get the forward >>>> zone working. >>>> >>>> I don't need any delegation. I'm not looking to slave the zone. >>> as i said, you'll need to delegate that new zone from the parent. i'm not >>> sure what slaves zones would have to do with that. >>> >>> -ben >>> >> As I said, if I was going to do this for a bunch of labels I would add an >> external view and just slave it from the ISP >> which holds the SOA for the external answers. > i don't know what the point of that would be. you'd still have to overload > your other zone. > > all i can do at this point is suggest you simply try what has been suggested > [by multiple people]. > > -ben > > It's called Split-DNS.
And delegation was implemented yesterday. Still no answer about what is the use case for this forward zone. And why many people have posted that they have not been able to get it to work for years. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
