
I have an internal DNS server. I've added a custom record for a domain name that is public. I want to add local records but keep the public domain name resolved. For instance: foo.bar.com = WAN IP -> SAT -> local server

I've added a zone bar.com and a custom record: gum.bar.com = LAN IP -> local server

BUT I need to delegate other records, which means foo.bar.com should be left to the public DNS server. I saw the delegation option for a zone; I put in my ISP's DNS server, and it works nicely for a specific zone, e.g. foo.bar must be resolved by the ISP's DNS. Now if I want to delegate a wildcard, it doesn't work. You get it: I want to override the DNS server, resolving local names (the ones you have records for) while other domain names must be resolved by another server.

How can I achieve that, using a wildcard for a given zone? Thanks, mates.

Evan Anderson

Razique

1 Answer


Delete your "bar.com" zone from your W2K3 DNS server. Create a zone "gum.bar.com", and create a blank host record in that zone pointing to the LAN IP of the local server. Problem solved. >smile<

The W2K3 DNS server can't be simultaneously authoritative for a domain while forwarding queries that it can't resolve to another DNS server. It's just a limitation of the product. Working around it, per the above, is how we've always handled it.

Evan Anderson
  • Note that with this method, referencing the server by FQDN will be: server.gum.bar.com – joeqwerty Sep 15 '09 at 13:28
  • This "limitation" is also in many other name servers. So, the solution of a subdomain is certainly the right one. – bortzmeyer Sep 15 '09 at 13:49
  • I don't think it's as much a limitation of any specific product as it is a limitation of the DNS protocol. – Powerlord Sep 15 '09 at 15:17
  • @joeqwerty: You don't have to specify a hostname-- you can refer to the zone's name itself-- gum.bar.com-- in the A record (an "@" record, in BIND terminology). – Evan Anderson Sep 15 '09 at 20:29
  • @Evan: I'm not sure what you're saying, but I mean that the FQDN of the server will be server.gum.bar.com and not server.bar.com. Can you elaborate on your comment? Thanks. – joeqwerty Sep 16 '09 at 01:31
  • @Joe: An FQDN that resolves to the server computer's IP can absolutely be "gum.bar.com". Create a zone "gum.bar.com". Place into it a blank ("@" in BIND terms) A record with the server's IP address. "gum.bar.com" will resolve to that address. I do this all the time to create "split horizon" DNS for individual hostnames in private DNS infrastructures behind firewalls (think "webmail.example.com" resolving to a public IP in the public DNS, but to a private IP in the private DNS-- all the while still allowing the private DNS to resolve other names in ".example.com" from the public DNS servers.) – Evan Anderson Sep 16 '09 at 02:29
  • Thanks, I do this actually, and it works nicely. I always thought I was doing it wrong (like not the best way) because sometimes you have to add other records (like gummy.bar.com) and you find yourself creating two zones, while the best way would have been to have one zone 'bar.com' and two records. Thanks a lot. – Razique Sep 16 '09 at 10:09
  • @Evan: Thanks for the explanation. Now I get it. I've never done that so didn't understand how it would work. – joeqwerty Sep 16 '09 at 10:56
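The behaviour the answer and comments describe, as an added illustration that is not part of the original thread or of any DNS product: a minimal model of a server that answers from its local zones and forwards only names that fall outside every local zone. It shows why a local "bar.com" zone makes foo.bar.com NXDOMAIN instead of forwarding it, why a zone named "gum.bar.com" with an "@" record avoids that, and joeqwerty's caveat that names under gum.bar.com must then live in that zone. The zone names and IP addresses are constructed for the example.

```python
# Added example, not code from the original thread: a model of "answer locally if the
# name is inside a zone we host, otherwise forward", which is the rule behind the answer.

def _zone_for(name, zones):
    """Return the closest enclosing local zone for name, or None if no local zone covers it."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None

def resolve(name, zones, forwarder):
    """zones: {zone_name: {owner_name: ipv4}}; forwarder: callable name -> ipv4 or None.

    Returns (source, ip) where source is 'local', 'nxdomain' or 'forwarded'.
    A name inside a hosted zone is never forwarded, which is the limitation the answer notes.
    """
    name = name.lower().rstrip(".")
    zone = _zone_for(name, zones)
    if zone is None:
        return ("forwarded", forwarder(name))
    ip = zones[zone].get(name)
    return ("local", ip) if ip else ("nxdomain", None)

# Constructed stand-in for the ISP's public DNS (documentation addresses).
PUBLIC = {"foo.bar.com": "203.0.113.10", "gum.bar.com": "203.0.113.11"}

def public_dns(name):
    return PUBLIC.get(name)

# What the asker set up: one local "bar.com" zone holding only gum (a constructed LAN IP).
BROKEN = {"bar.com": {"gum.bar.com": "10.0.0.5"}}
# What the answer recommends: a zone named after the single host, with its "@" (zone apex) A record.
FIXED = {"gum.bar.com": {"gum.bar.com": "10.0.0.5"}}

if __name__ == "__main__":
    for zones in (BROKEN, FIXED):
        for q in ("gum.bar.com", "foo.bar.com", "www.gum.bar.com"):
            print(sorted(zones), q, resolve(q, zones, public_dns))
```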