Hi, Yes, so long as you are authoritative for the zone you can forward subdomains of that zone to any other DNS server you want.
On Mon, Aug 2, 2021, 3:07 PM Daniel Armando Rodriguez via bind-users < bind-users@lists.isc.org> wrote: > Was wondering If would be possible to setup a forwarding scheme just for > some subdomains, I emphasize the fact that master is publicly accesible > and current need is to locally resolv a bunch of subdomains of the same > zone. I think image attached in previuos message is pretty explanatory, > but currently my setup doen not work as (I) expected. > > > I attach a picture to best describe where I'm standed at. > > > > https://i.postimg.cc/x8PKnz53/ejemplo-com.png > > > > Currently disabled the SH setup to let just an authoritative DNS for > > local resolution. Following the example, any request made from PC1 to > > sys4/sys5/sys6 have no issues. However, if such host makes a request > > to sys1/sys2/sys2 just get a time out response. > > Any other query to outside, let's say google.com or whatever, works > > just fine. > > El lun, 26 jul 2021 a las 13:29, Sten Carlsen (<stenc at s-carlsen.dk>>) > escribió: > >> > >> Hi > >> > >> I am running just that setup. > >> > >> This may not scale well enough for your needs. > >> > >> I have one server with two views, one internal and one external. > >> > >> The external view is the hidden master for a number of public servers. > >> All going through the relevant delegations. This is only > >> authoritative. > >> > >> The internal view is selected by the client address and master files > >> for the same domain but with my internal addresses. This is recursing > >> and will answer from the master files for those domains and will > >> recurse for any other query. > >> > >> This has served me well and e.g. I get the internal address for the > >> mail server if I query from an internal address and I get the public > >> address if I query from an external address. > >> > >> This setup means that mail clients will make a lookup of the same name > >> always and if at home get the internal address and if outside get the > >> public address. > >> > >> There is often a recommendation to use different domains, e.g. > >> xxx.example.com for public addresses and xxx.internal.example.com for > >> the same servers internal addresses. This is not very useful since > >> e.g. a mail client would have to know about two different server names > >> - with split horizon I can use the same name always. > >> > >> -- > >> Best regards > >> Sten Carlsen > >> > >> A pessimist is a person that can find a problem for every solution. > >> > >> > >> On 26 Jul 2021, at 15.55, Daniel A. Rodriguez > >> <daniel.armando.rodriguez at gmail.com>> wrote: > >> > >> Hi there, > >> > >> Currently have a public DNS up & runnin' but, due to brand new > >> location, there's a need to add local resolution. > >> > >> With that in mind, first idea was to deploy a split horizon setup. > >> Sadly just local resolution works so far. Double check config but > >> currently I'm stuck with this situation. > >> > >> Was wondering if having the same zone both public and private, but > >> with different records, could be an issue. Master for the zone is > >> public, of course, and the private one -as mentioned- has a different > >> set of records just for lan hosts. Idea was to go out just when a > >> query for a public subdomain is requested, but that desn't seem to > >> work. > >> > >> Both forwarders option and recursion are enabled. > >> > >> Any hint will be much appreciated. > > > > > > _______________________________________________ > Daniel A. Rodriguez > Informática, Conectividad y Sistemas > Universidad Nacional del Alto Uruguay > San Vicente - Misiones - Argentina > www.unau.edu.ar > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to > unsubscribe from this list > > ISC funds the development of this software with paid support > subscriptions. Contact us at https://www.isc.org/contact/ for more > information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users >
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
