Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Conditional Forwarding using BIND9
Special Forums IP Networking Conditional Forwarding using BIND9 Post 302245010 by otheus on Thursday 9th of October 2008 06:45:02 AM
Old 10-09-2008
Ooooh, that blows.

I agree you can solve this using BIND9. There is a simple one for such cases, but it's been years. But first, why can't you reverse the order so that the "local" nameserver is searched first?
 

9 More Discussions You Might Find Interesting

1. Cybersecurity

Dns cache poisoning upgrade to bind9.5.0p2

Hi again guys, It seems this is a global thing affecting all the DNS bind versions prior to July 28 2008. I have my work cut out for me very soon, I see at least a handful of servers in my list that either need to patching or upgrading. How many of you guys are affected? Anybody successfully... (4 Replies)
Discussion started by: sparcguy
4 Replies

2. IP Networking

DNS upgrade issues, bind9.5.0_P1

so we had bind 9.3.0... we upgraded to 9.5.0 patch 1 we kept the exact same named.conf now we have a problem that some DMZ server cant do lookups from our DNS slave anymore. in the named.log we see things like this: 22-Jul-2008 16:05:04.694 security: info: client <our DMZ servers... (2 Replies)
Discussion started by: robsonde
2 Replies

3. Cybersecurity

ssh X-forwarding and remote forwarding behind proxy

Hi, from my workplace we use a proxy to connect to the outside world, including external ssh servers. The problem is that the server is seeing the connection coming from the proxy and knows nothing about the client behind it. The ssh connection itself works fine, but x-forwarding does not work as... (1 Reply)
Discussion started by: vampirodolce
1 Replies

4. UNIX and Linux Applications

bind9 with ldap using dlz

Hello guys, can anyone help me with the below error I'm getting from bind9? I'm trying to make bind read all the zone info from openldap, I have already created the schema and I've put some info into the ldap. I have also tried to google the error with no success. I'm aware there is an problem... (1 Reply)
Discussion started by: yered
1 Replies

5. UNIX for Advanced & Expert Users

Can I use bind9 to resolve only ONE hostname in a zone?

Hi there, I have the following problem. I have a Debian server with bind9. I can also use my ISP DNS server through the internet box (192.168.1.1). I would like to fool my client workstation to a local machine when they query for one specific hostname within a domain. I want to let the... (5 Replies)
Discussion started by: kokonut95
5 Replies

6. Solaris

Bind9 DNS on Solaris 10 x4270 & CPU usage

I have configured a Bind9 DNS on a X4270 machine with Solaris10 I am excuting some repformance tests with DNSPERF tool and maximun CPU usage is 23%. I have seen with prstat -L -p PID that named process usses only 2 of the 8 available CPU at the same time although threads for all CPUs exist.... (2 Replies)
Discussion started by: parisph
2 Replies

7. UNIX for Dummies Questions & Answers

Bind9 non existing ip , time of query

how can i set default permission for nslookup, i have in my nslookup timeout = 0 retry = 3 port = 53 but i want to set it to : timeout = 2 retry = 2 port = 53 i'm using bind9 , where can i set the default timeout for it? thanks in advance (0 Replies)
Discussion started by: prpkrk
0 Replies

8. UNIX for Dummies Questions & Answers

BIND9 CNAME to External Domain

We're moving an app from a server in our domain to a server hosted by the vendor in their domain. This app had it's own domain setup that we're authoritative for. Do I need to create a new zone file? zone-vendor_com and set up the CNAME records in this file? Or if I can just edit the one I... (1 Reply)
Discussion started by: joeaverage
1 Replies

9. IP Networking

Bind9 DNSSEC and rollerd

Hi all, I've a litte problem to get rollerd running and signing my zones if the ZSK of my zones are near expiring or expired. rollerd is running but do nothing startet with: /usr/bin/perl /usr/sbin/rollerd -rrfile /etc/bind/all.rollrec -directory /etc/bind -logfile /dev/stdout ... (1 Reply)
Discussion started by: xabbu
1 Replies

LEARN ABOUT DEBIAN

lwresd

LWRESD(8)							       BIND9								 LWRESD(8)

NAME

       lwresd - lightweight resolver daemon

SYNOPSIS

       lwresd [-c config-file] [-C config-file] [-d debug-level] [-f] [-g] [-i pid-file] [-m flag] [-n #cpus] [-P port] [-p port] [-s]
	      [-t directory] [-u user] [-v] [-4] [-6]

DESCRIPTION

       lwresd is the daemon providing name lookup services to clients that use the BIND 9 lightweight resolver library. It is essentially a
       stripped-down, caching-only name server that answers queries using the BIND 9 lightweight resolver protocol rather than the DNS protocol.

       lwresd listens for resolver queries on a UDP port on the IPv4 loopback interface, 127.0.0.1. This means that lwresd can only be used by
       processes running on the local machine. By default, UDP port number 921 is used for lightweight resolver requests and responses.

       Incoming lightweight resolver requests are decoded by the server which then resolves them using the DNS protocol. When the DNS lookup
       completes, lwresd encodes the answers in the lightweight resolver format and returns them to the client that made the request.

       If /etc/resolv.conf contains any nameserver entries, lwresd sends recursive DNS queries to those servers. This is similar to the use of
       forwarders in a caching name server. If no nameserver entries are present, or if forwarding fails, lwresd resolves the queries autonomously
       starting at the root name servers, using a built-in list of root server hints.

OPTIONS

       -4
	   Use IPv4 only even if the host machine is capable of IPv6.  -4 and -6 are mutually exclusive.

       -6
	   Use IPv6 only even if the host machine is capable of IPv4.  -4 and -6 are mutually exclusive.

       -c config-file
	   Use config-file as the configuration file instead of the default, /etc/lwresd.conf.	-c can not be used with -C.

       -C config-file
	   Use config-file as the configuration file instead of the default, /etc/resolv.conf.	-C can not be used with -c.

       -d debug-level
	   Set the daemon's debug level to debug-level. Debugging traces from lwresd become more verbose as the debug level increases.

       -f
	   Run the server in the foreground (i.e. do not daemonize).

       -g
	   Run the server in the foreground and force all logging to stderr.

       -i pid-file
	   Use pid-file as the PID file instead of the default, /var/run/lwresd/lwresd.pid.

       -m flag
	   Turn on memory usage debugging flags. Possible flags are usage, trace, record, size, and mctx. These correspond to the
	   ISC_MEM_DEBUGXXXX flags described in <isc/mem.h>.

       -n #cpus
	   Create #cpus worker threads to take advantage of multiple CPUs. If not specified, lwresd will try to determine the number of CPUs
	   present and create one thread per CPU. If it is unable to determine the number of CPUs, a single worker thread will be created.

       -P port
	   Listen for lightweight resolver queries on port port. If not specified, the default is port 921.

       -p port
	   Send DNS lookups to port port. If not specified, the default is port 53. This provides a way of testing the lightweight resolver daemon
	   with a name server that listens for queries on a non-standard port number.

       -s
	   Write memory usage statistics to stdout on exit.
		  Note: This option is mainly of interest to BIND 9 developers and may be removed or changed in a future release.

       -t directory
	   Chroot to directory after processing the command line arguments, but before reading the configuration file.
		  Warning: This option should be used in conjunction with the -u option, as chrooting a process running as root doesn't enhance
		  security on most systems; the way chroot(2) is defined allows a process with root privileges to escape a chroot jail.

       -u user
	   Setuid to user after completing privileged operations, such as creating sockets that listen on privileged ports.

       -v
	   Report the version number and exit.

FILES

       /etc/resolv.conf
	   The default configuration file.

       /var/run/lwresd.pid
	   The default process-id file.

SEE ALSO

       named(8), lwres(3), resolver(5).

AUTHOR

       Internet Systems Consortium

COPYRIGHT

       Copyright (C) 2004, 2005, 2007-2009 Internet Systems Consortium, Inc. ("ISC")
       Copyright (C) 2000, 2001 Internet Software Consortium.

BIND9								   June 30, 2000							 LWRESD(8)
All times are GMT -4. The time now is 10:09 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy