Adding a Forwarding Zone (Bind 9.9.2)

Amitay Isaacs amitay at gmail.com
Thu Dec 6 14:55:20 MST 2012


On Fri, Dec 7, 2012 at 7:30 AM, Charles Tryon <charles.tryon at gmail.com> wrote:

> OK, that's what I expected, but for some reason, it isn't working...  I
> have those lines (with the correct domain name and IP address) in my
> named.conf, and I restarted both the named and samba4 processes.
>
> I made sure I deleted the "global.local" zone I'd created through the
> command line, figuring that the empty zone there might override the zone
> definition in the conf file.  That didn't help.
>
> My test for the forwarded zone was:
>
>     <samba:etc>? host -t SRV _ldap._tcp.global.local.
>     Host _ldap._tcp.global.local. not found: 3(NXDOMAIN)
>
> I've also tried to "dig" or even "ping" a host name in the global.local
> domain and I get no answer back.
>

At this point, can you paste the BIND log? You can restart BIND in the
foreground as follows:

    /usr/sbin/named -u named -f -g 2>&1 | tee named.log

(or -u bind if you are on a deb system)

Then run the query "dig global.local soa @10.4.2.1".  And send me the log
file.



> One note is that this DNS server I'm trying to forward to is maintained by
> our international IT group, so I have very little access into the server,
> other than read-only viewing.  I'm wondering if there might be some
> configuration or security setting on the server I'm trying to forward to
> which is blocking the request.
>

That should not be a problem.  As long as the DNS server allows queries
from the IP address of your samba4 server, it should be fine. You can check
by running the following query on the samba4 server:

    dig global.local soa @10.4.0.1

> (On a side note, I'm currently building from Amitay's branch to see if the
> bug he fixed in the zone creation code will make any difference.)
>

The patches are to fix updating of SOA record via DNS RPC calls.


On Wed, Dec 5, 2012 at 5:11 PM, Marc Muehlfeld <
Marc.Muehlfeld at medizinische-genetik.de> wrote:

> Hi,
>
> do I understand you right: You run bind on your S4 DC and want to forward
> all requests for a specific zone to another DNS server?
>
> Then just add the following to your named.conf:
>
> zone "muc.medizinische-genetik.de" {
>         type forward;
>         forwarders { 192.168.29.2; };
> };
>
> and restart named. And that's it.
>
> Regards,
> Marc
>
>
> --
> Marc Muehlfeld (IT-Leiter)
> Zentrum für Humangenetik und Laboratoriumsmedizin
> Dr. Klein, Dr. Rost und Kollegen
> Lochhamer Str. 29 - D-82152 Martinsried
> Telefon: +49(0)89/895578-0 - Fax: +49(0)89/895578-780
> http://www.medizinische-genetik.de
>
> --
>     Charles Tryon
> _________________________________________________________________________
>   “Risks are not to be evaluated in terms of the probability of success,
> but in terms of the value of the goal.”
>                 - Ralph D. Winter
>


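The two dig checks suggested in this message (the local BIND at 10.4.2.1 and the forwarder at 10.4.0.1) can be compared by response code to tell which side is at fault. The shell functions below are an added example, not part of the original thread; the function names are hypothetical and the sample dig headers are constructed.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical and the
# dig headers in the SAMPLE_* variables are constructed.

# Print the rcode from dig output on stdin, or TIMEOUT if there is no header.
dig_status() {
    awk '/->>HEADER<<-/ {
             for (i = 1; i < NF; i++)
                 if ($i == "status:") { s = $(i + 1); sub(/,$/, "", s); print s; found = 1; exit }
         }
         END { if (!found) print "TIMEOUT" }'
}

# classify LOCAL_RCODE FORWARDER_RCODE: say which side the fault is on.
classify() {
    case "$2" in
        TIMEOUT|REFUSED) echo "forwarder-unreachable-or-refusing" ;;
        NXDOMAIN)        echo "zone-unknown-to-forwarder" ;;
        NOERROR)
            if [ "$1" = "NOERROR" ]; then echo "ok"
            else echo "local-server-not-forwarding"; fi ;;
        *)               echo "unknown" ;;
    esac
}

# Live use: compare_servers ZONE LOCAL_IP FORWARDER_IP (runs dig twice).
compare_servers() {
    l=$(dig +time=3 +tries=1 "$1" soa "@$2" 2>/dev/null | dig_status)
    f=$(dig +time=3 +tries=1 "$1" soa "@$3" 2>/dev/null | dig_status)
    echo "local=$l forwarder=$f verdict=$(classify "$l" "$f")"
}

# Constructed headers matching the symptom reported in the thread.
SAMPLE_LOCAL=';; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4242'
SAMPLE_FORWARDER=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4243'

l=$(printf '%s\n' "$SAMPLE_LOCAL" | dig_status)
f=$(printf '%s\n' "$SAMPLE_FORWARDER" | dig_status)
echo "local=$l forwarder=$f verdict=$(classify "$l" "$f")"
```

With the addresses from the thread, the live check would be `compare_servers global.local 10.4.2.1 10.4.0.1`, run on the samba4 server.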