Solved

DNS - forward unknown queries in primary zone

Posted on 2008-10-13
1
663 Views
Last Modified: 2012-06-21
We are redirecting some of our own domain names back to their private IP's using our internal DNS server.  This works fine.  Right now we have it setup so each fqdn we want to redirect is its own primary zone.

For example

sub1.domain.com
sub2.domain.com
sub3.domain.com

are all primary zones.

I'd like to set it up so that domain.com is a primary zone and each sub domain is just an A record.  If I do that, queries for the sub domains I haven't redirected aren't forwarded and don't resolve.  What can I do to make that zone forward queries for non existant sub domains?  I also want the zone replicated to all of our internal DNS servers.  Or, is there a better way to accomplish the redirection?
0
Comment
Question by:Tofu4679
1 Comment
 
LVL 70

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 22705580

Nothing I'm afraid.

At least not with MS DNS. You could potentially do something with BIND, but you would be looking at re-writing parts of it, and it might not be quite what you expect as you would be interrupting the normal NXDOMAIN response.

I'm sorry it's not better news, but adding a zone makes a server authoritative for it. If it's authoritative it will never forward requests for that domain out unless explicitly instructed by a delegation.

Chris
0

Featured Post

Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ISP Change 14 63
Windows 2012 DNS island on Domain Contoller 2 28
Windows Server 2016 - Root Hints are not keeping their IPv4 addresses 3 38
DNS zone 3 27
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question