On Tue, Oct 10, 2017 at 11:21 AM, seanliam73 wrote:
> Hi
>
> I have a subdomain delegated from AD to a bind9 instance I have running
> that
> so that all requests for that subdomain are sent to the bind 9 instance. I
> would then like to set up zone forwarding so that further subdomains can be
>
I guess i made the assumption that zone was properly forwarded at the MS
end.
However as you mentioned if it was only delegated then it would SERVFAIL
at the BIND server when receiving an iterative query from MS if BIND isn't
authoritative.
On Oct 10, 2017 11:44 AM, "Darcy Kevin (FCA)"
wrote:
seanliam73 wrote:
>
> I know the forwarding is working because I can query the main bind9
> instance at receive the expected results. However if I query from the AD
> server that is doing the delegation I get a SERVFAIL error.
I guess one possible cause for this problem might be if the AD server
But surely you’d get an NXDOMAIN in that case, not a SERVFAIL.
The assumption I made in my post was that the delegation was pointed to the
forwarding BIND instance, which is a non-starter.
- Kevin
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Ben
Croswell
S
It doesn't work to delegate to a forwarder; you have to delegate to something
that's authoritative for the zone (master or slave). Delegated nameservers are
expected to have a full copy of the zone, either as the source (master) or
through replication (slave).
Now, if you have restrictions/limi
If the AD environment loads company.com you need to make sure it has NS
delegations. The nameserver will ignore the zone forwarded if it knows the
child doesn't exist.
On Oct 10, 2017 11:22 AM, "seanliam73" wrote:
> Hi
>
> I have a subdomain delegated from AD to a bind9 instance I have running
>
Hi
I have a subdomain delegated from AD to a bind9 instance I have running that
so that all requests for that subdomain are sent to the bind 9 instance. I
would then like to set up zone forwarding so that further subdomains can be
managed by other bind 9 instances.
I know the forwarding is workin
7 matches
Mail list logo