Convoluted but required DNS

  • Convoluted but required DNS

    I will try and describe my issue as best I can - stick with it.

    We have some rather complicated name resolution going on. If I want to go to a website I type the URL in my browser, the browser looks at the proxy bypass list and if there is no bypass it forwards the request to our proxy server. The proxy server has one DNS server listed (only one is allowed) and the equivalent of a local hosts file. If there is a match on the local hosts file it resolves the IP and routes accordingly. If there is no match it forwards its query to a DNS server that holds our internal zones and has conditional forwarders for some zones that are not held. All other queries are forwarded to our ISP. The use of the local hosts file on the proxy server is required as there are specific hosts in the conditionally forwarded zones that need to be routed in differently.

    We are changing the proxy server and one of the appliances we are looking at doesn't have the capability of a local hosts file.

    We can't be a secondary to the zones we forward to and we can't have a record for the host as the DNS server would think it is authoritative for the zone.

    Is there anything clever I can do with DNS to get around this issue?

  • #2
    Re: Convoluted but required DNS

    Originally posted by didgemaster:
    > We can't be a secondary to the zones we forward to and we can't have a record for the host as the DNS server would think it is authoritative for the zone.
    Can you create a child zone with the name of the host in question?

    The problem "I need bar.foo.com to resolve to a different address, but I can't create a record as the server isn't authoritative for the foo.com domain" is usually solved by creating a zone called "bar.foo.com" and in that zone create a default A and/or AAAA record pointing to the required address.



    • #3
      Re: Convoluted but required DNS

      If the zone I forward to is called "zone.com" and this has a record for the host "www.zone.com" how would I create a child zone for it?



      • #4
        Re: Convoluted but required DNS

        Just create a zone called www.zone.com containing one record only.
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd
        Scotland

        ** Remember to give credit where credit is due and leave reputation points where appropriate **



        • #5
          Re: Convoluted but required DNS

          How do I create a child zone of a zone I don't hold but conditionally forward to?



          • #6
            Re: Convoluted but required DNS

            Originally posted by didgemaster:
            > How do I create a child zone of a zone I don't hold but conditionally forward to?

            You simply create the zone on your (the forwarding) server.

            Example:

            Your domain is foo.local, and ns1.foo.local is the name server for your network. Besides resolving local names and Internet DNS names, it must be able to resolve names in the bar.com domain, so you have defined a conditional forwarder for bar.com pointing to 10.11.12.13, an authoritative name server for that domain.

            For some reason you need to override the A record for the host baz.bar.com (it could be that 10.11.12.13 returns an internal IP address not reachable from your network), so you create the zone baz.bar.com on your server, and create a default A record in that zone pointing to 5.6.7.8.

            ns1.foo.local now believes baz.bar.com to be a subdomain/child zone rather than a host, but that is of no consequence. It will resolve baz.bar.com locally, forward all other requests for bar.com to 10.11.12.13, resolve foo.local locally, and use the general forwarder or the root servers for everything else.



            • #7
              Re: Convoluted but required DNS

              OK, I understand that, but what record could I put in "baz.bar.com" for the host "baz"?



              • #8
                Re: Convoluted but required DNS

                Just been playing around and I see that you can have a host (A record) with no name.

                I hadn't realised before that you can have hosts with no name that use the zone name.

                I'll give it a go and see what I can do - Thanks

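For anyone wanting to reproduce the set-up from #6 and the apex record from #8, here is an added PowerShell example (not from any of the thread's posters). It assumes a Windows DNS server with the DnsServer module; the zone names and addresses are the ones used in the thread, and other.bar.com is a made-up sibling name used only to check that the conditional forwarder still applies.

```powershell
# Added example: override one host inside a conditionally forwarded zone
# (Windows Server 2012 or later, DnsServer module, run elevated on the DNS server).

Import-Module DnsServer

$ForwardedZone = 'bar.com'        # zone held elsewhere, reached via conditional forwarder
$ForwarderIP   = '10.11.12.13'    # authoritative server for bar.com
$OverrideHost  = 'baz.bar.com'    # host whose address must differ on the local network
$OverrideIP    = '5.6.7.8'        # address the local network must use

# 1. Conditional forwarder: everything under bar.com goes to 10.11.12.13 ...
if (-not (Get-DnsServerZone -Name $ForwardedZone -ErrorAction SilentlyContinue)) {
    Add-DnsServerConditionalForwarderZone -Name $ForwardedZone -MasterServers $ForwarderIP
}

# 2. ... except baz.bar.com, which becomes a small primary zone of its own.
#    The resolver picks the longest matching zone, so this zone wins over the bar.com forwarder.
if (-not (Get-DnsServerZone -Name $OverrideHost -ErrorAction SilentlyContinue)) {
    Add-DnsServerPrimaryZone -Name $OverrideHost -ZoneFile "$OverrideHost.dns"
}

# 3. The "host with no name" from #8: an A record at the zone apex ('@'),
#    so a query for baz.bar.com itself returns 5.6.7.8.
Add-DnsServerResourceRecordA -ZoneName $OverrideHost -Name '@' -IPv4Address $OverrideIP -TimeToLive 00:05:00

# 4. Verify against the local server: the override is answered locally, while a
#    sibling name (other.bar.com is a constructed name) still goes out via the forwarder.
$Local   = Resolve-DnsName -Name $OverrideHost -Type A -Server localhost
$Sibling = Resolve-DnsName -Name "other.$ForwardedZone" -Type A -Server localhost -ErrorAction SilentlyContinue

'{0} -> {1}' -f $OverrideHost, (($Local | Where-Object Type -eq 'A').IPAddress -join ', ')
'other.{0} -> {1}' -f $ForwardedZone, (($Sibling | Where-Object Type -eq 'A').IPAddress -join ', ')

# Caveat: the new zone captures the whole baz.bar.com subtree. Any name beneath it
# (for example a constructed ftp.baz.bar.com) is now answered locally as NXDOMAIN
# instead of being forwarded, so any such records must be added to this zone as well.
```

The second Resolve-DnsName will return nothing if the forwarder's server does not know the constructed sibling name; the point of the check is only that the query leaves via the bar.com forwarder rather than being answered from the local override zone.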