Two different forwarders on bind9

Hi,

I'm inside a corporate lan, and I've just setup a bind9 "caching only"
dns server on my Debian Squeeze box and it works fine, just for my own
use.

It forwards my box dns requests to Opendns.org's, instead of my corp dns
servers, with these lines in /etc/bind/named.conf.options:

forward first;
forwarders {
208.67.222.222; # OpenDNS
208.67.220.220; # OpenDNS
};

However, to resolve names internal to my corp's lan, I'd like to setup
two different forwarders, one for the internet (that is what I already
have now) and another one for my private lan when clients ask something
like machine.mycorp.com as follows:

forwarders {
10.xxx.xxx.xxx; # mycorp dns1
10.xxx.xxx.xxy; # mycorp dns2
};

How could this be accomplished?
Thanks in advance for answering.



--
(E-Mail Removed)
ANTI-SPAM: please cut "toglimi." for my real e-mail address.
AMD Athlon64 3200+ Linux 2.6.32-5-amd64 on Debian GNU/Linux squeeze/sid
Registered Linux user #291116 http://counter.li.org

On 2 Feb 2011 11:15:34 GMT, HamRadio wrote:
> Hi,
>
> I'm inside a corporate lan, and I've just setup a bind9 "caching only"
> dns server on my Debian Squeeze box and it works fine, just for my own
> use.

> However, to resolve names internal to my corp's lan, I'd like to setup
> two different forwarders, one for the internet (that is what I already
> have now) and another one for my private lan when clients ask something
> like machine.mycorp.com as follows:
>
> How could this be accomplished?

Just change /etc/resolv.conf to use corp dns servers when you want 10.xxx.

As I mis-understand it, if your first dns server responds then that
server would have to know your 10.xxx. values and do internet work.

In your case, you need to sweet talk your network admin into giving
you forward/reverse files for the corp lan and you tell your dns
server about them.

Other method is to put corp ips in /etc/hosts and tell your system to
search files then dns for a value.

$ grep hosts: /etc/nsswitch.conf
hosts: files dns

Hello,

HamRadio a écrit :
>
> However, to resolve names internal to my corp's lan, I'd like to setup
> two different forwarders, one for the internet (that is what I already
> have now) and another one for my private lan when clients ask something
> like machine.mycorp.com as follows:
>
> forwarders {
> 10.xxx.xxx.xxx; # mycorp dns1
> 10.xxx.xxx.xxy; # mycorp dns2
> };
>
> How could this be accomplished?

You can use per-domain forwarders. See "forward zone" type.

Il Wed, 02 Feb 2011 13:43:41 +0100, Pascal Hambourg ha scritto:

> You can use per-domain forwarders. See "forward zone" type.

This was the magic word I missed before!

Here's how I solved my problem:

zone "mycorp.com" {
type forward;
forwarders {
10.xxx.xxx.xxx;
10.xxx.xxx.xxy;
};
};

Thank you both for your help.



--
(E-Mail Removed)
ANTI-SPAM: please cut "toglimi." for my real e-mail address.
AMD Athlon64 3200+ Linux 2.6.32-5-amd64 on Debian GNU/Linux squeeze/sid
Registered Linux user #291116 http://counter.li.org