vincenzo romero wrote:
thank you again, more clarification, if anyone can pls shed light ...
That happens anyway if the forwarder is not authoritative - that is, the
forwarder will act as a caching proxy.
ok - so my lab.company.com is authoritative, so it should keep a copy
of company.com's information then and be able to respond to queries
even within the domain of company.com?
Yes, if a server is configured as primary or seconday for a zone it will
reply directly without asking anyone else.
It's not really polite to send private IP reverse lookups to the public
root servers, but I suppose millions of places do...
i'm sorry, but how do i configure (or any pointer pls?) so that I do
not point to the public root servers? i just followed templates;
whereas, the company.com DNS, I was not the one who configured it.
Configure your servers as primary or secondary for the reverse zones of
all the private ranges you use (nn.nn.nn.IN-ADDR.ARPA).
I think the issues I have encountered are less now....
My questions.
1. From my lab.company.com DNS server - do I need to update my
/etc/resolv.conf file so that it shows:
search lab.company.com company.com
nameserver 192.168.17.2
nameserver 10.100.1.24
The 'search' applies to lookups from clients on that particular machine
where a bare host name is requested.
2. With the above /etc/resolv.conf I can ping forward and backwards
hosts, except - reverse lookup to host within company.com's domain
still shows the root servers .. :(
If you aren't primary/secondary, it walks down following referrals from
the root servers. For private ranges you won't get the right answer
because they aren't delegated.
3. Strangest and confusing, is performing nslookup FROM
lab.company.com's DNS server :
a. responds to nslookup company.com:
nslookup 192.168.17.1
Server: 127.0.0.1
Address: 127.0.0.1#53
1.17.168.192.in-addr.arpa name = qatest1.lab.maxiscale.com.
[root@myhost named]# nslookup maxiscale.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
Name: company.com
Address: 10.100.1.24
BUT it can't find an answer for ITS OWN domain:
nslookup lab.company.com
Server: 127.0.0.1
Address: 127.0.0.1#53
*** Can't find lab.company.com: No answer
Usually the origin of the zone has A and NS records in the parent zone.
--
Les Mikesell
lesmikesell@xxxxxxxxx
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos