Conditional DNS forwarding with named on Linux

Solution 1:

hehe, I up-voted the previous answer before doing some fettling myself.

Right, so, if you edit your named.conf and add the following:

zone "newdomain.com" {
    type forward;
    forward only;
    forwarders { 22.22.22.22; };
};

Now you won't be able to do reverse lookups easily; you'll have to modify the following zone statement to make sense for the IP address(es) of the domain (this was originally a reverse for 192.168.80.0/24).

zone "80.168.192.in-addr.arpa" {
    type forward;
    forward only;
    forwarders { 22.22.22.22; };
};

After making the changes, you should

  1. Check that you haven't faffed up the config files: named-checkconf

  2. Tell bind to reload its config: rndc reload (much preferred to /etc/init.d/bind reload)

Bear in mind this will return non-authoritative answers for the domain. The way around this (and to offer better local caching should the remote DNS be problematic) would be to act as a slave for the zone.


Edited to add the forward only; statement. This will cause the query to fail after trying the server(s) specified in forwarders, rather than failing and then trying a standard lookup. Also edited to change /etc/init.d/bind reload to rndc reload after advice in comments.

Solution 2:

If you are trying to optimize, and 22.22.22.22 is auth for that zone, you can also use a stub zone:

zone "newdomain.com" {
    type stub;
    masters { 22.22.22.22; };
};

This does something slightly different from forwarding. It will query the server 22.22.22.22 for NS records, and keep them in the cache at all times. This will do almost the same thing, but if another NS host (say, 33.33.33.33) was also listed, your server would then learn about it and use it as well.

I believe a stub zone here is a better option than conditional forwarding.
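An added example, not from either answer: a small Python generator that emits the forward zones from Solution 1 (deriving the in-addr.arpa name from the 192.168.80.0/24 network) or the stub zone from Solution 2, validates every server address, and optionally runs named-checkconf on the result. The domain, forwarder and network values are the constructed ones used in the answers; the function names are assumptions.

```python
import ipaddress
import shutil
import subprocess
import tempfile

# Constructed sample values taken from the answers above (not real infrastructure).
DOMAIN = "newdomain.com"
FORWARDER = "22.22.22.22"
NETWORK = "192.168.80.0/24"


def reverse_zone_name(cidr):
    """Map an IPv4 network on an octet boundary to its in-addr.arpa zone,
    e.g. 192.168.80.0/24 -> 80.168.192.in-addr.arpa."""
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("only /8, /16 and /24 IPv4 networks map to one in-addr.arpa zone")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def _server_list(servers):
    # Validate every address up front; a typo here would silently mis-route queries.
    return " ".join(f"{ipaddress.ip_address(s)};" for s in servers)


def forward_zone(name, forwarders):
    """Conditional forwarding (Solution 1). 'forward only' means a dead forwarder
    yields SERVFAIL instead of falling back to a normal recursive lookup."""
    return (f'zone "{name}" {{\n    type forward;\n    forward only;\n'
            f"    forwarders {{ {_server_list(forwarders)} }};\n}};\n")


def stub_zone(name, masters):
    """Stub zone (Solution 2): named fetches and caches the zone's NS set."""
    return (f'zone "{name}" {{\n    type stub;\n'
            f"    masters {{ {_server_list(masters)} }};\n}};\n")


def render_named_conf(domain, networks, servers, stub=False):
    """Forward (or stub) zone for the domain plus a forward zone per reverse network."""
    zones = [stub_zone(domain, servers) if stub else forward_zone(domain, servers)]
    zones += [forward_zone(reverse_zone_name(n), servers) for n in networks]
    return "\n".join(zones)


def named_checkconf(conf_text):
    """Syntax-check with named-checkconf when installed; returns None if it is not."""
    if shutil.which("named-checkconf") is None:
        return None
    with tempfile.NamedTemporaryFile("w", suffix=".conf", delete=False) as f:
        f.write(conf_text)
    return subprocess.run(["named-checkconf", f.name], capture_output=True).returncode == 0
```

Paste the rendered zones into named.conf, then follow the answer's own steps (named-checkconf, rndc reload).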