Hi. If I understand you correctly, you are trying to get your resolver to go to two different places (main_hidden_dns_server and other_dns_server) for answers to the same question, and then want it combine those answers into a single response to the client, which contains PTR records for both names?
If I got that correct, then it won't. If you want multiple PTR records to be associated with different names then they have to be in the same zone/zone file. A few comments: - The statement "forward first' means, try forwarding first and only if that fails, then try recursion. - Adding forwarders to a secondary zone tells the server what to do for names delegated from that zone. e.g. if the zone is "example.com" and it contains "sub NS another.server.somewhere.else." then a query to it for " name.sub.example.com" will follow the "forwarders" statement because " sub.example.com" has been delegated away. - Do you really want to be forwarding to your hidden primary anyway? - Why are two different servers both authoritative for "100.168.192.in-addr.arpa"? That's asking for trouble. Hope that helps. Greg On Mon, 4 Mar 2024 at 15:35, Taavi Ansper via bind-users < bind-users@lists.isc.org> wrote: > Hi > > I am trying to understand bind9 more thorughly. > > Backstory: We have been using bind9 for a long time and overhauling it > for more "usage". > > We have been using a "hidden master dns" logic with views for different > usages. > > E.g. Client -> Slave DNS Server <- (Transfer zones from hidden master)-> > Hidden Master. > > We had two views "external" and "internal" and now we added a new view > "dmz" aswell. > > In one of those zones we had an interesting DNS "thingy" where for > example a CIDR 192.168.100.0/24 was generating entries to the main > "hidden dns" server via includes. It uses a domain called example.com. > Now another DNS server created DNS entries for the same CIDR > 192.168.100.0/24 but it had a different domain "subdomain.example.com". > Including that info was easy. > > In the Slave DNS > > zone "example.com" { > file blaah > type slave > masters { main_hidden_dns_server } > } > > zone "subdomain.example.com" { > file blaah > type slave; > masters { other_dns_server } > } > > But now comes the problem. When generating a PTR record > 100.168.192.in-addr.arpa, I wish to combine both of these "results" into > one lookup. How can I do that? I tried to add: > > zone "100.168.192.in-addr.arpa" { > file blaah > type slave; > masters { other_dns_server } > forward first; > forwarders { main_hidden_dns_server } > } > > But this forwarding logic doesnt work. I have a feeling the forwarding > only works specific zones. and you can't combine two of the same > "names" into one. Am I correct and in order for PTR records to work I > need to get them into a single file? > > -- > ---- > Taavi Ansper > taavi.ans...@cyber.ee > > -- > Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > ISC funds the development of this software with paid support > subscriptions. Contact us at https://www.isc.org/contact/ for more > information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users >
-- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users