I've got an internal bind server which works fine for my local name resolution. Most of the hosts are mapped with internal IPs instead of their corresponding external IPs. However, there are situations in which there are no equivalent internal IPs. These hosts are currently only listed in my public DNS server. Consequently, when I try to query the internal DNS server, I get unknown hosts.
Is there any way I can configure BIND to query an external source if it receives a request for a host that it does not know, even though this host is in the domain for which it is authoritative?
For example, if my domain is called: site.com
Internal DNS may have:
www.site.com 192.168.1.1
smtp.site.com 192.168.1.2
mail.site.com 192.168.1.3
External DNS may have:
www.site.com 199.200.201.1
smtp.site.com 199.200.201.2
mail.site.com 199.200.201.3
ftp.site.com 199.200.201.4
support.site.com 199.200.201.5
If I query internal DNS for www.site.com, it will return 192.168.1.1. But if I query it for ftp.site.com, I'll get an unknown host. Is there any way to configure my internal BIND to forward that request to the external server and return 199.200.201.4?
Or is my only choice to copy the missing hosts to my internal DNS server, and have two copies of the same records (one on my public DNS and one on my internal DNS)?
You have a few options. In a bind config file you could create a forward zone for each host:
Or, in a zone definition file:
(this assumes the ORIGIN is "site.com.")
Instead of adding an entry for each host you could also use a wildcard:
but that will forward all unknown requests to the external name server.
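The following named.conf fragment is an added example illustrating the per-host forward zone option from the answer above; it is not taken from the original post. The public name server address 203.0.113.53 and the client range 192.168.0.0/16 are assumptions for the example. BIND selects the longest-matching zone name for a query, so a `zone "ftp.site.com"` statement takes precedence over the authoritative `zone "site.com"` for ftp.site.com alone, while every other name in site.com is still answered from the internal zone file.

```conf
// Added example: internal BIND resolver with one forward zone per host
// that exists only on the public name server.
options {
    directory "/var/named";
    recursion yes;
    // only internal clients may use this server as a recursive resolver
    allow-recursion { 192.168.0.0/16; };
};

// Authoritative copy of site.com carrying the internal (192.168.x.x) addresses.
zone "site.com" {
    type master;
    file "site.com.internal.zone";
};

// Longest zone name wins: this statement overrides "site.com" for
// ftp.site.com only. Queries for it are sent to the public name server
// (assumed address 203.0.113.53) and the answer is returned to the client.
zone "ftp.site.com" {
    type forward;
    forward only;
    forwarders { 203.0.113.53; };
};

// Repeat the block for every host that has no internal equivalent.
zone "support.site.com" {
    type forward;
    forward only;
    forwarders { 203.0.113.53; };
};
```

The zone-file alternative from the answer is a delegation record inside site.com.internal.zone, for example `support IN NS ns1.public-dns.example.` (the name server name is an assumption), which the recursive internal server follows on its own; the wildcard form `* IN NS ns1.public-dns.example.` does the same for every name with no internal record. Keep in mind that the wildcard also matches mistyped names, so every typo made by an internal client becomes a query to the outside; listing the hosts explicitly keeps that exposure limited to the names you chose. Run `named-checkconf` after editing named.conf and `named-checkzone site.com site.com.internal.zone` after editing the zone file to catch syntax errors before reloading.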