dig +trace host.internal.hostname.com responds with a list of authoritative
nameservers for the zone and the error "dig: couldn't get address for
ns1.corporate.hostname.com" where the error cycles through all four of the
authoritative nameservers.
Also ns1.corporate.hostname.com is not 192.168.1.1.
Colin
From: Colin Harvey <colinedwardhar...@yahoo.com>
To: "wbr...@e1b.org" <wbr...@e1b.org>
Cc: "bind-users-bounces+wbrown=e1b....@lists.isc.org"
<bind-users-bounces+wbrown=e1b....@lists.isc.org>; bind users
<bind-users@lists.isc.org>
Sent: Tuesday, August 27, 2013 2:13 PM
Subject: Re: redirecting root hints to fake internal root server
Thanks. But I already have that option for the internal.hostname.com zone.
Still not seeing traffic going to 192.168.1.1.
Colin
From: "wbr...@e1b.org" <wbr...@e1b.org>
To: Colin Harvey <colinedwardhar...@yahoo.com>
Cc: bind users <bind-users@lists.isc.org>;
bind-users-bounces+wbrown=e1b....@lists.isc.org
Sent: Tuesday, August 27, 2013 1:20 PM
Subject: Re: redirecting root hints to fake internal root server
From: Colin Harvey <colinedwardhar...@yahoo.com>
> My environment is firewalled from the real world. For queries on
> zones to which I'm not master, I want to recurse to a corporate
> server. nslookup some.internal.hostname.com
> internal.corporate.server works fine. Setting "." to use this
> internal server in the root.hints file does not. In fact I do not
> even see my system trying to recurse. (I'm looking at network
> traffic with a sniffer.)
>
> My root.hints:
>
> . 600 IN NS internal.corporate.server.
> internal.corporate.server. 600 IN A 192.168.1.1
>
>
> Alternatively I've setup a forwarding zone in named.conf to query
> 192.168.1.1 for 'internal.hostname.com'. When monitoring the
> network for udp data over port 53, I'm not even seeing the query
> being forwarded. Why?
Add these lines to your options section:
forward only;
forwarders {192.168.1.1;};
see
ftp://ftp.isc.org/isc/bind9/9.9.3-P2/doc/arm/Bv9ARM.ch06.html#id2578567
Confidentiality Notice:
This electronic message and any attachments may contain confidential or
privileged information, and is intended only for the individual or entity
identified above as the addressee. If you are not the addressee (or the
employee or agent responsible to deliver it to the addressee), or if this
message has been addressed to you in error, you are hereby notified that
you may not copy, forward, disclose or use any part of this message or any
attachments. Please notify the sender immediately by return e-mail or
telephone and delete this message from your system.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-usersto unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
