<blast @
worldbit .
com> (Tim Keanini) wrote:
>I am going to de-lurk and ask:
>
>InternalDNS has 'forwarders' that point to ExternalDNS
>and my ExternalDNS box has the /etc/resolv.conf that points to InternalDNS
>box.
>
>OK so far...
>
>My question is what do I put in my InternalDNS's root.cache?
>If I leave it the way it is with the current root.cache from
>RS.INTERNIC.NET the InternalDNS server is trying to send .domain messages
>to those IP's and gets blocked by my CHOKE router.
There is a option in named.boot called "slave". Use this in the internal DNS,
and it only talk to the forwarders (i.e. it ignores the root.cache). The only
forwarder we list is the firewall. Beware, though, of versions of BIND prior
to 4.9.x. These have a timing bug which produces sporadic "server failed"
responses from the slave.
---------------------------------------------------------
Chris Palmer
Deloitte Touche Tohmatsu, Auckland, New Zealand
c .
palmer @
dtt .
co .
nz
|
|
