Home / server / Questions / 419668
In Process
cweiske
Asked: 2012-08-22 06:40:23 +0800 CST

bind: override single SRV record only, forward the rest

  • 772

Prerequisites

To get our internal libravatar server working, I need to setup a SRV record for our public domain company.com:

_avatars._tcp.company.com.     IN SRV 0 0 80  avatars.internal

As you see the avatar server is on an internal domain that is not accessible from outside, thus the SRV record should not be available publicly.

Problem

We have a BIND DNS server that resolves requests for internal domains. This server forwards requests forward company.com to the public DNS server (and that should be kept that way so we only have to manage public names on one server).

Now how can I override the _avatars._tcp.company.com SRV record on our local BIND server, while forwarding all other requests to the public server?

I know this is easy with subdomains (just define a master zone for the subdomain, done), but I fail to do that for SRV records for the main domain. What can I do?

What I've tried

With the following setup, resolution works for the subdomain, but not for the main domain:

$ dig @localhost +short SRV _avatars._tcp.company.com
$ dig @localhost +short SRV _avatars._tcp.bookmarks.company.com
0 0 80 avatars.internal.

/etc/bind/named.conf.local

zone "_avatars._tcp.company.com" {
  type master;
  file "/etc/bind/db._avatars._tcp.company.com";
  allow-update { none; };
};

zone "bookmarks.company.come" {
  type master;
  file "/etc/bind/db.bookmarks.company.com";
  allow-update { none; };
};

/etc/bind/db.bookmarks.company.com

$TTL    86400
@               IN SOA  @       root (
                                        2012082201      ; serial 
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum

@               IN      NS      ns.company.com.
@               IN      A       192.168.1.41
_avatars._tcp.bookmarks.company.com.     IN SRV 0 0 80  avatars.internal.

/etc/bind/db._avatars._tcp.company.com

$TTL    86400
@               IN SOA  @       root (
                                        2012082201      ; serial
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum
@                              IN NS          ns.company.com.
@                              IN SRV 0 0 80  avatars.internal.
_avatars._tcp.company.com.     IN SRV 0 0 80  avatars.internal.

(yes the last two lines are identical, but just to make sure)

domain-name-system

1 Answers

  1. Add a zone for the specific name (_avatars._tcp.company.com.) to your internal DNS server, containing the single record you wish to override.

    A SRV record is not special - it is just a DNS record, and it behaves like any other DNS record.

    The override zone should look similar to what's below

    $TTL    3600

@       IN      SOA     dev.company.com. root.company.com. (
                                   2009071505  ; serial
                                   10800       ; refresh
                                   3600        ; retry
                                   3600000     ; expire
                                   86400 )     ; minimum

@   IN  NS  inside-ns.company.com.

_foo.dev.company.com.       IN  SRV 0   0   80  google.co.uk.
    • 2