Shyrka

Reputation: 359

How do I resolve a DNS name for the same zone not found locally but that exists on another DNS server?

I need to run a local BIND DNS server for a series of Linux Containers. Let's say the zone is example.com

There is already an example.com domain in my infrastructure which I want to override some records with using my local DNS server (it has to be DNS and not local hosts).

Is there a way of telling BIND to check my local DNS server and, if no record is found, look up the record for the same zone on another DNS server?

I have tried setting forwarders, but it would appear this is only for different zones and not the same zone.

Any ideas?

Upvotes: 4

Views: 10201

Answers (3)

Mario

Reputation: 113

You could use a response policy zone (in the following called rpz) that allows you to override any name queried via your BIND server.

Paths refer to Debian.

In the options section, /etc/bind/named.conf.options, add:

options {
    # Create a response-policy zone to allow overrides
    response-policy { zone "rpz"; };
};

Add the rpz zone in /etc/bind/named.conf.local:

zone "rpz" {
    type master;
    file "/etc/bind/db.rpz";
    allow-query { none; };
};

Finally, the rpz zone file /etc/bind/db.rpz:

; BIND zone file for rpz zone
;
$TTL    600
@               SOA     localhost.        root.localhost. (
                            2017100300      ; Serial
                            86400           ; Refresh
                            10800           ; Retry
                            3600000         ; Expire
                            600             ; Negative Cache TTL
                    )
            NS      localhost.

google.com      CNAME   forcesafesearch.google.com.
example.com     A       192.0.2.123

Upvotes: 6
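To see what the rpz configuration above actually does to a query, here is an added example (my own code, not part of the answer): a small parser for a db.rpz-style zone file plus a lookup that follows BIND's QNAME-trigger rules. The zone text is constructed here and mirrors the answer's file, with one extra wildcard rule (`*.ads.example.net CNAME .`, a constructed name) to show the NXDOMAIN form. The important point for the question is the last case: a name that is not listed in the rpz zone (here `www.example.com`) is not touched at all and goes through normal recursion, i.e. to the other DNS server.

```python
"""Simulate BIND response-policy-zone (RPZ) QNAME matching for a db.rpz file.

Added example, not the answer's code. It parses the policy records of a
constructed db.rpz (same layout as /etc/bind/db.rpz above) and reports, for
each query name, whether RPZ rewrites it or lets normal recursion answer.
"""
import re
from typing import Dict, List, Optional, Tuple

# Constructed sample zone, modelled on the answer's /etc/bind/db.rpz.
# The wildcard rule at the end is an added, constructed example of "CNAME ."
# which in RPZ means "answer NXDOMAIN".
DB_RPZ = """\
$TTL    600
@               SOA     localhost.        root.localhost. (
                            2017100300      ; Serial
                            86400           ; Refresh
                            10800           ; Retry
                            3600000         ; Expire
                            600             ; Negative Cache TTL
                    )
            NS      localhost.

google.com        CNAME   forcesafesearch.google.com.
example.com       A       192.0.2.123
*.ads.example.net CNAME   .
"""

# Policy records only: owner, optional class, type, rdata on one line.
# SOA/NS apex records, $TTL and SOA continuation lines do not match.
RECORD_RE = re.compile(r"^(\S+)\s+(?:IN\s+)?(A|AAAA|CNAME|TXT)\s+(\S+)$")

Rules = Dict[str, List[Tuple[str, str]]]


def parse_rpz(text: str) -> Rules:
    """Collect policy records keyed by owner name (lower-case, no trailing dot)."""
    rules: Rules = {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()   # drop zone-file comments
        m = RECORD_RE.match(line)
        if not m:
            continue
        owner, rtype, rdata = m.groups()
        rules.setdefault(owner.lower().rstrip("."), []).append((rtype, rdata))
    return rules


def rpz_lookup(rules: Rules, qname: str) -> Tuple[str, Optional[List[str]]]:
    """Return (action, data) for qname under RPZ QNAME-trigger semantics.

    An exact owner match is preferred over a wildcard, and among wildcards the
    closest ancestor (most labels) wins.  Special CNAME targets: "." means
    NXDOMAIN, "*." means NODATA, "rpz-passthru." means answer normally.  Any
    other record is local data that replaces the upstream answer.  If nothing
    matches, the query proceeds through ordinary recursion (action RECURSE).
    """
    name = qname.lower().rstrip(".")
    labels = name.split(".")
    candidates = [name] + ["*." + ".".join(labels[i:]) for i in range(1, len(labels))]
    for cand in candidates:
        if cand not in rules:
            continue
        rtype, rdata = rules[cand][0]
        if rtype == "CNAME":
            if rdata == ".":
                return ("NXDOMAIN", None)
            if rdata == "*.":
                return ("NODATA", None)
            if rdata.lower() == "rpz-passthru.":
                return ("PASSTHRU", None)
        return ("LOCAL-DATA", [f"{t} {d}" for t, d in rules[cand]])
    return ("RECURSE", None)


def simulate(text: str, qnames: List[str]) -> Dict[str, Tuple[str, Optional[List[str]]]]:
    """Run every query name through the policy parsed from text."""
    rules = parse_rpz(text)
    return {q: rpz_lookup(rules, q) for q in qnames}


if __name__ == "__main__":
    queries = ["example.com", "www.example.com", "google.com",
               "banner.ads.example.net", "ads.example.net"]
    for q, (action, data) in simulate(DB_RPZ, queries).items():
        print(f"{q:24} {action:10} {' '.join(data) if data else ''}")
```

Running it shows `example.com` answered from the rpz zone, `www.example.com` left to recursion, and `banner.ads.example.net` turned into NXDOMAIN by the wildcard rule while `ads.example.net` itself is untouched (a wildcard never matches its own apex). Keep `allow-query { none; };` on the rpz zone as in the answer, so clients cannot enumerate the override list by querying the policy zone directly.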

Gxt

Reputation: 49

Also, you can try to use BIND forwarders. Basically, your DNS server (if it doesn't know the answer) will ask the forwarder(s) for an IP resolution.

I.e.:

# vi /etc/bind/named.conf.options
options {
      directory "/var/cache/bind";

      auth-nxdomain no; # conform to RFC1035
      listen-on-v6 { any; };
      listen-on { 127.0.0.1; 192.168.1.0/24; };

      forwarders {
         10.138.27.194;
      };
};

Upvotes: 1

Laszlo Valko

Reputation: 2743

There is no simple way to do what you want.

For a tedious solution, you can define a zone file for every DNS name you want to override within the parent zone, e.g.:

named.conf:

zone "foo.domain" {
    type master;
    file "foo.domain";
};

zone "bar.domain" {
    type master;
    file "bar.domain";
};

foo.domain:

foo.domain. SOA ...
            NS  foo.domain.
            A   1.2.3.4

bar.domain:

bar.domain. SOA ...
            NS  foo.domain.
            A   2.3.4.5

Upvotes: 4
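Because this approach needs one stanza and one zone file per overridden name, it is worth scripting, and the script also makes the main caveat visible. Here is an added example (my own code, not from the answer): `build_override_zones()` emits the `named.conf` stanzas and minimal zone files for a dict of name-to-address overrides, and `local_zone_for()` shows which queries those zones capture. The zone template (SOA and NS pointing at the name itself, `hostmaster` mailbox, 300 s TTL) and the names and addresses in the demo are constructed assumptions, not the answer's values.

```python
"""Generate per-name carve-out zones for BIND and show what they capture.

Added example, not the answer's code.  Each override becomes its own
authoritative zone, so BIND answers that name locally and never asks the
upstream server.  The caveat shown by local_zone_for(): every name *below*
a carved-out zone is also answered locally (as NXDOMAIN if undefined), so
sub.foo.domain no longer reaches the upstream server either.
"""
from typing import Dict, Iterable, Optional, Tuple

# named.conf stanza; note the closing "};" that BIND requires.
ZONE_STANZA = '''zone "{name}" {{
    type master;
    file "{name}";
}};
'''

# Minimal zone file: assumed layout, with NS and SOA MNAME set to the zone
# apex itself so the file is self-contained.
ZONE_FILE = """\
$TTL 300
{name}. IN SOA {name}. hostmaster.{name}. (
        {serial}   ; Serial
        3600       ; Refresh
        900        ; Retry
        604800     ; Expire
        300        ; Negative cache TTL
        )
{name}. IN NS {name}.
{name}. IN A  {addr}
"""


def build_override_zones(overrides: Dict[str, str], serial: int) -> Tuple[str, Dict[str, str]]:
    """Return (named.conf text, {zone name: zone file text}) for the overrides."""
    named_conf = ""
    files: Dict[str, str] = {}
    for name, addr in sorted(overrides.items()):
        name = name.lower().rstrip(".")
        named_conf += ZONE_STANZA.format(name=name)
        files[name] = ZONE_FILE.format(name=name, addr=addr, serial=serial)
    return named_conf, files


def local_zone_for(zones: Iterable[str], qname: str) -> Optional[str]:
    """Return the most specific configured zone that qname falls inside, or None.

    BIND serves qname authoritatively from that zone: a name the zone does
    not define gets NXDOMAIN locally instead of being looked up upstream.
    """
    name = qname.lower().rstrip(".")
    best: Optional[str] = None
    for z in zones:
        if name == z or name.endswith("." + z):
            if best is None or len(z) > len(best):
                best = z
    return best


if __name__ == "__main__":
    # Constructed overrides and serial for the demo.
    conf, files = build_override_zones(
        {"foo.domain": "192.0.2.10", "bar.domain": "192.0.2.20"}, 2024010100)
    print(conf)
    for fname, body in files.items():
        print(f"--- {fname} ---\n{body}")
    for q in ["foo.domain", "sub.foo.domain", "www.domain"]:
        z = local_zone_for(files, q)
        print(f"{q:18} -> {'local zone ' + z if z else 'forwarded upstream'}")
```

The demo output makes the trade-off concrete: `foo.domain` and `sub.foo.domain` are both answered by the local `foo.domain` zone (the latter as NXDOMAIN, since the generated file defines no subdomains), while `www.domain` is not covered by any carve-out and goes to the upstream server as usual. If subdomains of an overridden name must still resolve upstream, this approach cannot express that; the rpz answer above can.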
