Overriding some DNS entries in BIND for internal networks

Posted by Remy Blank on Server Fault See other posts from Server Fault or by Remy Blank
Published on 2009-06-03T13:57:05Z Indexed on 2010/04/16 16:44 UTC
Read the original article Hit count: 336

Filed under:

dns

|

bind

I have an internal network with a DNS server running BIND, connected to the internet through a single gateway. My domain "example.com" is managed by an external DNS provider. Some of the entries in that domain, say "host1.example.com" and "host2.example.com", as well as the top-level entry "example.com", point to the public IP address of the gateway.

I would like hosts located on the internal network to resolve "host1.example.com", "host2.example.com" and "example.com" to internal IP addresses instead of that of the gateway. Other hosts like "otherhost.example.com" should still be resolved by the external DNS provider.

I have succeeded in doing that for the host1 and host2 entries, by defining two single-entry zones in BIND for "host1.example.com" and "host2.example.com". However, if I add a zone for "example.com", all queries for that domain are resolved by my local DNS server, and e.g. querying "otherhost.example.com" results in an error.

Is it possible to configure BIND to override only some entries of a domain, and to resolve the rest recursively?

© Server Fault or respective owner

Related posts about dns

Master/Slave DNS setup vs. rsync'ed DNS servers

as seen on Server Fault - Search for 'Server Fault'
We currently have primary and secondary DNS servers on our corporate network. They are setup in a master/slave type setup, where the slave gets its DNS information from the master. I'm trying to figure out what the real advantage is for the master/slave setup instead of just setting up an automated… >>> More
Updating Windows DNS records from a remote windows DNS server

as seen on Server Fault - Search for 'Server Fault'
Does anyone know if it is possible for a windows 2003 DNS server to update the records for a domain so that it contains all the records of a domain of of a remotely based DNS server? Im almost certain that doesn't quite explain the problem so I shall illustrate with an example: We have two offices… >>> More
OpenVPN DNS: VPN DNS stomping local VPN

as seen on Super User - Search for 'Super User'
I've finally noodled with OpenVPN enough to get it working. Even better, I can mount samba drives, ping network machines through the TUN device, etc - it's all great. However, I'm noticing that if I have the directive: push "dhcp-option DNS 10.0.1.1" # Push our local DNS to clients Then some of… >>> More
Random DNS Client Issue with BIND9/Windows Server 2003 DNS

as seen on Stack Overflow - Search for 'Stack Overflow'
Within our office, we have a local server running DNS, for internal related "domains", (e.g. .internal, .office, .lan, .vpn, etc.). Randomly, only the hosts configured with those extensions will stop resolving on the Windows-based workstations. Sometimes it'll work for a couple weeks without issue… >>> More
DNS Tools - DNS and Few of its Concerning Terms and Tools

as seen on Article City - Search for 'Article City'
A DNS or Domain Name System lets you locate computers on a network or the Internet TCP/IP network by domain name. The DNS server sustains a database of domain names or host names along with their cor... [Author: Daisy Osbaldo - Computers and Internet - April 02, 2010] >>> More

Related posts about bind

ubuntu bind9 AppArmor read permission denied (chroot jail)

as seen on Server Fault - Search for 'Server Fault'
I am trying to run bind9 with chroot jail. I followed the steps mentioned at : http://www.howtoforge.com/debian_bind9_master_slave_system I am getting the following errors in my syslog: Jul 27 16:53:49 conf002 named[3988]: starting BIND 9.7.3 -u bind -t /var/lib/named Jul 27 16:53:49 conf002 named[3988]:… >>> More
setting up bind to work with nsupdate (SERVFAIL)

as seen on Server Fault - Search for 'Server Fault'
I'm trying to update my DNS-Server dynamically using nsupdate. Prerequisite I'm using Debian 6 on my DNS-Server and Debian 4 on my client. I created a public/private key pair using: dnssec-keygen -C -a HMAC-MD5 -b 512 -n USER sub.example.com. I then edited my named.conf.local to contain my public… >>> More
BIND DNS Master with Zerigo Slaves - BIND won't update the slave servers

as seen on Server Fault - Search for 'Server Fault'
I've tried to resolve this myself and have looked through Google and Stack but haven't found the answer I'm looking for. Currently on a VPS server I have BIND DNS installed as a MASTER DNS Server. I use Zerigo's DNS service as SLAVE servers for public use: The Master doesn't receive queries - It's… >>> More
How do I prevent directories mounted with 'bind' from appearing on 'Devices' on nautilus?

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have these lines in the fstab # binds /media/DataNtfs/Music /home/can/Music none rw,bind /media/DataNtfs/Pictures /home/can/Pictures none rw,bind /media/DataNtfs/Downloads /home/can/Downloads none rw,bind /media/DataNtfs/Documents… >>> More
C++ question: boost::bind receive other boost::bind

as seen on Stack Overflow - Search for 'Stack Overflow'
I want to make this code work properly, what should I do? giving this error on the last line. what am I doing wrong? i know boost::bind need a type but i'm not getting. help class A { public: template <class Handle> void bindA(Handle h) { h(1, 2); } }; class B { public: void… >>> More