use of a DNS cache in front of samba4 internal DNS

David Mansfield samba at
Thu Feb 14 07:15:36 MST 2013

On 02/13/2013 04:11 PM, Andrew Bartlett wrote:
> On Wed, 2013-02-13 at 19:53 +0100, Marc Muehlfeld wrote:
>> Hello,
>> About DNS: My Mailserver uses only the DNS from my provider. I have no
>> requirement that the mailserver has to resolve internal DNS zones (the
>> one I use for AD) here. If this is required for your site for some
>> reason: I don't know djbdns. Here I use bind for DNS. And I can tell
>> bind that it has to forward a specific zone to a different DNS (the one
>> on the ADC):
>>     zone "" IN {
>> 	type forward;
>> 	forwarders {;;};
>>     };
> Thanks for posting this.  Where local conditions (e.g. high load, existing
> infrastructure, criticality) mean that using the internal forwarding
> capabilities of the internal DNS server would not be suitable, this is
> exactly the right thing to do.

Thanks indeed.  Of course, my original question was not about forwarding 
the zone lookups, but forwarding _and caching_ (presumably according to 
the TTL presented in the returned record).  Is that what you're 
referring to here?  I'm not 100% familiar with bind (last time I used it 
was 15 years ago!) and I don't know if a "zone forward" in that context 
includes caching.  I assume caching based on the TTL is legit since 
clients may end up doing that themselves.

I may end up using a caching nameserver which delegates the 
"" to the samba ad dc (as in the above example) as the 
DNS frontend for a subnet.
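
One way to check whether a forwarding frontend really caches according to the record TTL, as an added example that is not part of the original post: compare the answer TTLs of two raw responses for the same name taken a few seconds apart. A cache hands back the remaining TTL, while an uncached forward returns the full TTL each time. The record name, address and TTL values below are constructed placeholders.

```python
import struct

def skip_name(msg, off):
    """Return the offset just past the (possibly compressed) name at off."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:      # compression pointer: 2 bytes, ends the name
            return off + 2
        if length == 0:                # root label ends the name
            return off + 1
        off += 1 + length

def answer_ttls(msg):
    """Return the TTLs of all answer-section records in a raw DNS response."""
    _id, _flags, qdcount, ancount, _ns, _ar = struct.unpack("!6H", msg[:12])
    off = 12
    for _ in range(qdcount):
        off = skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    ttls = []
    for _ in range(ancount):
        off = skip_name(msg, off)
        _type, _class, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        ttls.append(ttl)
        off += 10 + rdlen
    return ttls

def served_from_cache(first, second, elapsed, slack=1):
    """True if the TTLs in `second` counted down by about `elapsed` seconds."""
    a, b = sorted(answer_ttls(first)), sorted(answer_ttls(second))
    if not a or len(a) != len(b) or elapsed <= slack:
        return False                   # too close together to tell, or no answers
    return all(abs((x - y) - elapsed) <= slack for x, y in zip(a, b))

def sample_response(ttl):
    """Constructed A-record response for the placeholder name dc1.ad.example.test."""
    labels = (b"dc1", b"ad", b"example", b"test")
    qname = b"".join(bytes([len(l)]) + l for l in labels) + b"\0"
    header = struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0)
    question = qname + struct.pack("!HH", 1, 1)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, ttl, 4) + bytes([192, 0, 2, 10])
    return header + question + answer

if __name__ == "__main__":
    # Constructed captures: the same query answered 5 seconds apart.
    print(served_from_cache(sample_response(900), sample_response(895), 5))
    print(served_from_cache(sample_response(900), sample_response(900), 5))
```
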


More information about the samba-technical mailing list