RE: bind9 and dns forward
Hi,
> In fact you don't resolv at all. Can you provide:
> dig einsccmdp-01.tio.nl +trace +cd
-------<Quote>--------------------------
linbobo:~# dig einsccmdp-01.tio.nl +trace +cd
; <<>> DiG 9.16.37-Debian <<>> einsccmdp-01.tio.nl +trace +cd
;; global options: +cmd
. 430791 IN NS i.root-servers.net.
. 430791 IN NS a.root-servers.net.
. 430791 IN NS c.root-servers.net.
. 430791 IN NS e.root-servers.net.
. 430791 IN NS b.root-servers.net.
. 430791 IN NS m.root-servers.net.
. 430791 IN NS k.root-servers.net.
. 430791 IN NS d.root-servers.net.
. 430791 IN NS j.root-servers.net.
. 430791 IN NS f.root-servers.net.
. 430791 IN NS l.root-servers.net.
. 430791 IN NS h.root-servers.net.
. 430791 IN NS g.root-servers.net.
. 430791 IN RRSIG NS 8 0 518400 20230517050000 20230504040000 60955 . euvMHZqurPBykFmPr1OYrEWd3ZIP2l3skATDF8FxfGFfEZmBl/NIn+lu 463u/qxl9F3NYoxN7ANmZyJFMoDhCVpRMEk9mRimctn9fj+6B1EiG02g vUiMKSBPrv/gWbZZcXobaE/F99WYV0xnWNWAKJqRO52YRXqvqltvcjNM FnreCFXRPLFKJ6jqortPA8XfDEUeyt2oFnNZFy9aVqBSGsIqT2gaqX++ 6CXeemp5SSX1YHBxVVWnI6FWw7FjPBRNa485e0RmTi/0WdTTaYd2Eh5u Sfbpn4OzAgOkGJEU0J45Z4nO8j8M8PpRIW8xh7muW/pLUL6x3FsRsf2s scKr8w==
;; Received 1137 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms
nl. 172800 IN NS ns4.dns.nl.
nl. 172800 IN NS ns1.dns.nl.
nl. 172800 IN NS ns3.dns.nl.
nl. 86400 IN DS 34112 8 2 3C5B5F9B3557455C50751A9BE9EBE9238C88E19F5F07F930976917B5 1B95CD22
nl. 86400 IN RRSIG DS 8 1 86400 20230518050000 20230505040000 60955 . n2RgQwHUOPq0Kfit0Fs3PJx+xiSsSeZqOtzw0oq5BU0CBhM6WN75Gw/T u+PIFd4NEFoS2T3Y+mGuQb7PfvGNOFHbRzp1rwHrgj5GzgS3nCih9jOF wPNytFVYhJ/RqfD80dMwShZAs2OxlVIfD7UYEjUs/ZC38PreGAoHedQI wp8lECv80cr+zFHtPHh5RiW1Clg4TDWmlzOsa8y9FOH3acTM+kFjnnaQ se2p0ZciZk8B7aNoxG468JQnQHHKRbxQgn8wxM0ttHKkpmwZHvL7bfhE CH+akGcz/g4TFQA88B9eHTe0AqcUcHsPhBmB/uySv3FAiO0myKsQwuC+ 8vORCg==
;; Received 605 bytes from 192.36.148.17#53(i.root-servers.net) in 0 ms
tio.nl. 3600 IN NS ns1.argewebhosting.eu.
tio.nl. 3600 IN NS ns2.argewebhosting.com.
tio.nl. 3600 IN NS ns3.argewebhosting.nl.
tio.nl. 3600 IN DS 33829 8 2 81029E0FCAA9E0C8B2C599485634C0BD006607BAE31F51A48AF0B3A7 EBDBB8E3
tio.nl. 3600 IN RRSIG DS 8 2 3600 20230516084745 20230501190734 50076 nl. HU8NwsPjKyakNkwXofrXCi6myG361X7PYkKbenuMz+idBTsOJxQDGmVp QAGsuI35V0zDKV4qhjCXH9DLfoPhktYMvQF1S87OrAVT8EKVMYOEbzmH e1KyXWXFIYoJnZxjL+peKL4KMKmlBn2ZbAZ2CjrEaCQU+JoQNK/rjL61 y+g=
;; Received 408 bytes from 2620:10a:80ac::200#53(ns4.dns.nl) in 12 ms
tio.nl. 3600 IN SOA ns1.argewebhosting.eu. hostmaster\@argeweb.nl. 2023021412 10800 3600 604800 3600
tio.nl. 3600 IN RRSIG SOA 8 2 3600 20230518000000 20230427000000 11454 tio.nl. JxpppR49YY6NXXJStWmSmQyE1CUNBS6UVQ56WUeZUL3Hs0+ADoQ/Jr6A lo00s+d8yNg6zoMqVOCSp0yKmrSJQ1bbX3jsbyJjryL0YuDnu6sZz4ZE JsQw4xhewJhXw9MDen2UjB0TPRp+j6N2RPgdE9dtzqYddAdmqNyE0QNu fE0=
kehjo2i9ccgil56qqhgo4o6j7igguuks.tio.nl. 3600 IN NSEC3 1 0 1 AB KGKAK3FDJ7OR1SLCGL2M254C661KKVCU A NS SOA MX TXT RRSIG DNSKEY NSEC3PARAM
kehjo2i9ccgil56qqhgo4o6j7igguuks.tio.nl. 3600 IN RRSIG NSEC3 8 3 3600 20230518000000 20230427000000 11454 tio.nl. mSK7JoJp+VyXIOTeW1jMndxc3l2li7uj+uwf+9/ZT1/wIqb9fCcHiITk ET4c3JR5VUa+Mq0rUrwCPUZ0DzXFmvvp0yrYoleoczsdgMxKgyfjpqgs +XaElHEF2LWzA33CNkDO8kxaXAfTXNYaGMfTzVMOi+9NYEB3n5tjGBqJ Wcg=
oji66ft00rg1tjd4kc30vno3gbkruu91.tio.nl. 3600 IN NSEC3 1 0 1 AB OORJ40BKUP0NDMA08HQO9NS6EMNVIKTH A RRSIG
oji66ft00rg1tjd4kc30vno3gbkruu91.tio.nl. 3600 IN RRSIG NSEC3 8 3 3600 20230518000000 20230427000000 11454 tio.nl. VY387t4VXyf55HF9EK5l5BJupdO65JBccwQ4AAQJZ6eI/8iYak5H73Wi Mpqu1Dw/NSuWgfYvhtfG5KFqlqyuH88pKJtt5mra6+c3NRi1F6yu4TYS owv7naAaZy4Tv83zMcNYjivcM2wV4PCKX9nM1TQieRwB9nBx5+QnvUkX KvI=
o4n6i0v019dpao7abq7mfor6a1543t6g.tio.nl. 3600 IN NSEC3 1 0 1 AB OJI66FT00RG1TJD4KC30VNO3GBKRUU91 CNAME RRSIG
o4n6i0v019dpao7abq7mfor6a1543t6g.tio.nl. 3600 IN RRSIG NSEC3 8 3 3600 20230518000000 20230427000000 11454 tio.nl. FGm7FofqjWiWd+9Bj7oNaLqraLyajz7rugO7N7ctd8ZKT14qcEfGkrgV zghw+Zpnda4Hb7aGomdsZ/XdiJorXRZRWQD5Qcirm1YEoZwAAbLyyJK0 qfn3g8SRuVH51nVOOr7WfeZRMVXOlgYSrRnYGlsGQfg/y7or/1qrGnxM 8gM=
;; Received 1029 bytes from 2a05:1500:702:0:1c00:eff:fe00:ce#53(ns1.argewebhosting.eu) in 8 ms
-------<Quote>--------------------------
And just to make sure it realy was my own bind responding
-------<Quote>--------------------------
linbobo:/etc/bind# dig einsccmdp-01.tio.nl @127.0.0.1 +trace +cd
; <<>> DiG 9.16.37-Debian <<>> einsccmdp-01.tio.nl @127.0.0.1 +trace +cd
;; global options: +cmd
. 518297 IN NS b.root-servers.net.
. 518297 IN NS l.root-servers.net.
. 518297 IN NS e.root-servers.net.
. 518297 IN NS d.root-servers.net.
. 518297 IN NS i.root-servers.net.
. 518297 IN NS a.root-servers.net.
. 518297 IN NS g.root-servers.net.
. 518297 IN NS f.root-servers.net.
. 518297 IN NS c.root-servers.net.
. 518297 IN NS h.root-servers.net.
. 518297 IN NS j.root-servers.net.
. 518297 IN NS k.root-servers.net.
. 518297 IN NS m.root-servers.net.
. 518297 IN RRSIG NS 8 0 518400 20230518050000 20230505040000 60955 . Yz1mgXTG4kStmPrjvxu3iQsekhdLfu3KeyZT26ebRPDeUnRUz/ajenhi jNj4FA6krNnCI1hfU0htq/10iADDnc35NTtGA6PodoTa8qf75l9UZ/Cc 59FRaH7sEDgjXcvts0X2R85aHofogRRcp77ufoetwSS0KZRsbJ5vBbq2 J4UIbKNHCZP0anl8+qmDmiMNy3VJYcUwePT6qDUBMe2fhktmU6w1RLSe 3xGV1dIFONSdZJeQxsJkWBXa5HnBN1Vl8iw6eDKauJDw6LL41fd8XzSk CYfl79f92z2tVv5q3l1G8fN3C+KJ33J1Y/hivBSe2FmVuwRkbr1mddH0 4m4LLw==
;; Received 1137 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms
nl. 172800 IN NS ns1.dns.nl.
nl. 172800 IN NS ns3.dns.nl.
nl. 172800 IN NS ns4.dns.nl.
nl. 86400 IN DS 34112 8 2 3C5B5F9B3557455C50751A9BE9EBE9238C88E19F5F07F930976917B5 1B95CD22
nl. 86400 IN RRSIG DS 8 1 86400 20230518050000 20230505040000 60955 . n2RgQwHUOPq0Kfit0Fs3PJx+xiSsSeZqOtzw0oq5BU0CBhM6WN75Gw/T u+PIFd4NEFoS2T3Y+mGuQb7PfvGNOFHbRzp1rwHrgj5GzgS3nCih9jOF wPNytFVYhJ/RqfD80dMwShZAs2OxlVIfD7UYEjUs/ZC38PreGAoHedQI wp8lECv80cr+zFHtPHh5RiW1Clg4TDWmlzOsa8y9FOH3acTM+kFjnnaQ se2p0ZciZk8B7aNoxG468JQnQHHKRbxQgn8wxM0ttHKkpmwZHvL7bfhE CH+akGcz/g4TFQA88B9eHTe0AqcUcHsPhBmB/uySv3FAiO0myKsQwuC+ 8vORCg==
;; Received 605 bytes from 2001:7fe::53#53(i.root-servers.net) in 8 ms
tio.nl. 3600 IN NS ns3.argewebhosting.nl.
tio.nl. 3600 IN NS ns2.argewebhosting.com.
tio.nl. 3600 IN NS ns1.argewebhosting.eu.
tio.nl. 3600 IN DS 33829 8 2 81029E0FCAA9E0C8B2C599485634C0BD006607BAE31F51A48AF0B3A7 EBDBB8E3
tio.nl. 3600 IN RRSIG DS 8 2 3600 20230516084745 20230501190734 50076 nl. HU8NwsPjKyakNkwXofrXCi6myG361X7PYkKbenuMz+idBTsOJxQDGmVp QAGsuI35V0zDKV4qhjCXH9DLfoPhktYMvQF1S87OrAVT8EKVMYOEbzmH e1KyXWXFIYoJnZxjL+peKL4KMKmlBn2ZbAZ2CjrEaCQU+JoQNK/rjL61 y+g=
;; Received 408 bytes from 2001:678:20::24#53(ns3.dns.nl) in 16 ms
tio.nl. 3600 IN SOA ns1.argewebhosting.eu. hostmaster\@argeweb.nl. 2023021412 10800 3600 604800 3600
tio.nl. 3600 IN RRSIG SOA 8 2 3600 20230518000000 20230427000000 11454 tio.nl. JxpppR49YY6NXXJStWmSmQyE1CUNBS6UVQ56WUeZUL3Hs0+ADoQ/Jr6A lo00s+d8yNg6zoMqVOCSp0yKmrSJQ1bbX3jsbyJjryL0YuDnu6sZz4ZE JsQw4xhewJhXw9MDen2UjB0TPRp+j6N2RPgdE9dtzqYddAdmqNyE0QNu fE0=
kehjo2i9ccgil56qqhgo4o6j7igguuks.tio.nl. 3600 IN NSEC3 1 0 1 AB KGKAK3FDJ7OR1SLCGL2M254C661KKVCU A NS SOA MX TXT RRSIG DNSKEY NSEC3PARAM
kehjo2i9ccgil56qqhgo4o6j7igguuks.tio.nl. 3600 IN RRSIG NSEC3 8 3 3600 20230518000000 20230427000000 11454 tio.nl. mSK7JoJp+VyXIOTeW1jMndxc3l2li7uj+uwf+9/ZT1/wIqb9fCcHiITk ET4c3JR5VUa+Mq0rUrwCPUZ0DzXFmvvp0yrYoleoczsdgMxKgyfjpqgs +XaElHEF2LWzA33CNkDO8kxaXAfTXNYaGMfTzVMOi+9NYEB3n5tjGBqJ Wcg=
oji66ft00rg1tjd4kc30vno3gbkruu91.tio.nl. 3600 IN NSEC3 1 0 1 AB OORJ40BKUP0NDMA08HQO9NS6EMNVIKTH A RRSIG
oji66ft00rg1tjd4kc30vno3gbkruu91.tio.nl. 3600 IN RRSIG NSEC3 8 3 3600 20230518000000 20230427000000 11454 tio.nl. VY387t4VXyf55HF9EK5l5BJupdO65JBccwQ4AAQJZ6eI/8iYak5H73Wi Mpqu1Dw/NSuWgfYvhtfG5KFqlqyuH88pKJtt5mra6+c3NRi1F6yu4TYS owv7naAaZy4Tv83zMcNYjivcM2wV4PCKX9nM1TQieRwB9nBx5+QnvUkX KvI=
o4n6i0v019dpao7abq7mfor6a1543t6g.tio.nl. 3600 IN NSEC3 1 0 1 AB OJI66FT00RG1TJD4KC30VNO3GBKRUU91 CNAME RRSIG
o4n6i0v019dpao7abq7mfor6a1543t6g.tio.nl. 3600 IN RRSIG NSEC3 8 3 3600 20230518000000 20230427000000 11454 tio.nl. FGm7FofqjWiWd+9Bj7oNaLqraLyajz7rugO7N7ctd8ZKT14qcEfGkrgV zghw+Zpnda4Hb7aGomdsZ/XdiJorXRZRWQD5Qcirm1YEoZwAAbLyyJK0 qfn3g8SRuVH51nVOOr7WfeZRMVXOlgYSrRnYGlsGQfg/y7or/1qrGnxM 8gM=
;; Received 1029 bytes from 2a05:1500:702:0:1c00:eff:fe00:ce#53(ns1.argewebhosting.eu) in 12 ms
-------<Quote>--------------------------
And Argeweb is the provider for my public dns, so it seems it is indeed trying my public dns with dnssec and then failing my private dns from the company inside dns.
dig @172.16.208.10 einsccmdp-01.tio.nl
-------<Quote>--------------------------
linbobo:~# dig @172.16.208.10 einsccmdp-01.tio.nl
; <<>> DiG 9.16.37-Debian <<>> @172.16.208.10 einsccmdp-01.tio.nl
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27560
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;einsccmdp-01.tio.nl. IN A
;; ANSWER SECTION:
einsccmdp-01.tio.nl. 1200 IN A 172.16.212.18
;; Query time: 16 msec
;; SERVER: 172.16.208.10#53(172.16.208.10)
;; WHEN: Fri May 05 16:40:56 CEST 2023
;; MSG SIZE rcvd: 64
-------<Quote>--------------------------
(this one to eliminate 172.16.208.10 beeing broken)
> I don't understand why you define staf.tio.nl and student.tio.nl as tio.nl is already on the same forwarders.
> I don't know if it's valid but it seems useless. And your logs suggest a problem between staf.tio.nl and tio.nl.
> Could you comment staf.tio.nl and student.tio.nl, restart bind (or reload + flush) and try again above dig ?
So you say if I just forward tio.nl to the company server it will forward all subdomains? Examples I had seen showed differently but I can test.
Oh no, I cannot test ic completely but.... from /var/log/syslog I do see references to the internal dns servers so it seems it does indeed try to resolve a server like hostname.staf.tio.nl against the internal dns servers. :-)
Everything else shows the same trace info. :-( It first goes to the public dns eventhough I now have
-------<Quote>--------------------------
linbobo:/etc/bind# dig einsccmdp-01.tio.nl @127.0.0.1 +trace +cd
; <<>> DiG 9.16.37-Debian <<>> einsccmdp-01.tio.nl @127.0.0.1 +trace +cd
;; global options: +cmd
. 518363 IN NS c.root-servers.net.
. 518363 IN NS k.root-servers.net.
. 518363 IN NS d.root-servers.net.
. 518363 IN NS m.root-servers.net.
. 518363 IN NS e.root-servers.net.
. 518363 IN NS b.root-servers.net.
. 518363 IN NS h.root-servers.net.
. 518363 IN NS f.root-servers.net.
. 518363 IN NS a.root-servers.net.
. 518363 IN NS g.root-servers.net.
. 518363 IN NS j.root-servers.net.
. 518363 IN NS i.root-servers.net.
. 518363 IN NS l.root-servers.net.
. 518363 IN RRSIG NS 8 0 518400 20230518050000 20230505040000 60955 . Yz1mgXTG4kStmPrjvxu3iQsekhdLfu3KeyZT26ebRPDeUnRUz/ajenhi jNj4FA6krNnCI1hfU0htq/10iADDnc35NTtGA6PodoTa8qf75l9UZ/Cc 59FRaH7sEDgjXcvts0X2R85aHofogRRcp77ufoetwSS0KZRsbJ5vBbq2 J4UIbKNHCZP0anl8+qmDmiMNy3VJYcUwePT6qDUBMe2fhktmU6w1RLSe 3xGV1dIFONSdZJeQxsJkWBXa5HnBN1Vl8iw6eDKauJDw6LL41fd8XzSk CYfl79f92z2tVv5q3l1G8fN3C+KJ33J1Y/hivBSe2FmVuwRkbr1mddH0 4m4LLw==
;; Received 1137 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms
nl. 172800 IN NS ns1.dns.nl.
nl. 172800 IN NS ns3.dns.nl.
nl. 172800 IN NS ns4.dns.nl.
nl. 86400 IN DS 34112 8 2 3C5B5F9B3557455C50751A9BE9EBE9238C88E19F5F07F930976917B5 1B95CD22
nl. 86400 IN RRSIG DS 8 1 86400 20230518050000 20230505040000 60955 . n2RgQwHUOPq0Kfit0Fs3PJx+xiSsSeZqOtzw0oq5BU0CBhM6WN75Gw/T u+PIFd4NEFoS2T3Y+mGuQb7PfvGNOFHbRzp1rwHrgj5GzgS3nCih9jOF wPNytFVYhJ/RqfD80dMwShZAs2OxlVIfD7UYEjUs/ZC38PreGAoHedQI wp8lECv80cr+zFHtPHh5RiW1Clg4TDWmlzOsa8y9FOH3acTM+kFjnnaQ se2p0ZciZk8B7aNoxG468JQnQHHKRbxQgn8wxM0ttHKkpmwZHvL7bfhE CH+akGcz/g4TFQA88B9eHTe0AqcUcHsPhBmB/uySv3FAiO0myKsQwuC+ 8vORCg==
;; Received 573 bytes from 198.97.190.53#53(h.root-servers.net) in 12 ms
tio.nl. 3600 IN NS ns1.argewebhosting.eu.
tio.nl. 3600 IN NS ns2.argewebhosting.com.
tio.nl. 3600 IN NS ns3.argewebhosting.nl.
tio.nl. 3600 IN DS 33829 8 2 81029E0FCAA9E0C8B2C599485634C0BD006607BAE31F51A48AF0B3A7 EBDBB8E3
tio.nl. 3600 IN RRSIG DS 8 2 3600 20230516084745 20230501190734 50076 nl. HU8NwsPjKyakNkwXofrXCi6myG361X7PYkKbenuMz+idBTsOJxQDGmVp QAGsuI35V0zDKV4qhjCXH9DLfoPhktYMvQF1S87OrAVT8EKVMYOEbzmH e1KyXWXFIYoJnZxjL+peKL4KMKmlBn2ZbAZ2CjrEaCQU+JoQNK/rjL61 y+g=
;; Received 408 bytes from 2001:678:2c:0:194:0:28:53#53(ns1.dns.nl) in 8 ms
tio.nl. 3600 IN SOA ns1.argewebhosting.eu. hostmaster\@argeweb.nl. 2023021412 10800 3600 604800 3600
tio.nl. 3600 IN RRSIG SOA 8 2 3600 20230518000000 20230427000000 11454 tio.nl. JxpppR49YY6NXXJStWmSmQyE1CUNBS6UVQ56WUeZUL3Hs0+ADoQ/Jr6A lo00s+d8yNg6zoMqVOCSp0yKmrSJQ1bbX3jsbyJjryL0YuDnu6sZz4ZE JsQw4xhewJhXw9MDen2UjB0TPRp+j6N2RPgdE9dtzqYddAdmqNyE0QNu fE0=
kehjo2i9ccgil56qqhgo4o6j7igguuks.tio.nl. 3600 IN NSEC3 1 0 1 AB KGKAK3FDJ7OR1SLCGL2M254C661KKVCU A NS SOA MX TXT RRSIG DNSKEY NSEC3PARAM
kehjo2i9ccgil56qqhgo4o6j7igguuks.tio.nl. 3600 IN RRSIG NSEC3 8 3 3600 20230518000000 20230427000000 11454 tio.nl. mSK7JoJp+VyXIOTeW1jMndxc3l2li7uj+uwf+9/ZT1/wIqb9fCcHiITk ET4c3JR5VUa+Mq0rUrwCPUZ0DzXFmvvp0yrYoleoczsdgMxKgyfjpqgs +XaElHEF2LWzA33CNkDO8kxaXAfTXNYaGMfTzVMOi+9NYEB3n5tjGBqJ Wcg=
oji66ft00rg1tjd4kc30vno3gbkruu91.tio.nl. 3600 IN NSEC3 1 0 1 AB OORJ40BKUP0NDMA08HQO9NS6EMNVIKTH A RRSIG
oji66ft00rg1tjd4kc30vno3gbkruu91.tio.nl. 3600 IN RRSIG NSEC3 8 3 3600 20230518000000 20230427000000 11454 tio.nl. VY387t4VXyf55HF9EK5l5BJupdO65JBccwQ4AAQJZ6eI/8iYak5H73Wi Mpqu1Dw/NSuWgfYvhtfG5KFqlqyuH88pKJtt5mra6+c3NRi1F6yu4TYS owv7naAaZy4Tv83zMcNYjivcM2wV4PCKX9nM1TQieRwB9nBx5+QnvUkX KvI=
o4n6i0v019dpao7abq7mfor6a1543t6g.tio.nl. 3600 IN NSEC3 1 0 1 AB OJI66FT00RG1TJD4KC30VNO3GBKRUU91 CNAME RRSIG
o4n6i0v019dpao7abq7mfor6a1543t6g.tio.nl. 3600 IN RRSIG NSEC3 8 3 3600 20230518000000 20230427000000 11454 tio.nl. FGm7FofqjWiWd+9Bj7oNaLqraLyajz7rugO7N7ctd8ZKT14qcEfGkrgV zghw+Zpnda4Hb7aGomdsZ/XdiJorXRZRWQD5Qcirm1YEoZwAAbLyyJK0 qfn3g8SRuVH51nVOOr7WfeZRMVXOlgYSrRnYGlsGQfg/y7or/1qrGnxM 8gM=
;; Received 1029 bytes from 31.25.98.169#53(ns2.argewebhosting.com) in 8 ms
-------<Quote>--------------------------
And just to make there is no error in my (new) named.conf.local file:
-------<Quote>--------------------------
linbobo:/etc/bind# cat named.conf.local
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
// include /etc/dhcp3/dhcpd_update.key;
[... some RFC 1918 zone definitions here ... like ...]
zone "178.168.192.in-addr.arpa" IN {
type master;
file "/etc/bind/db.192-168-178";
};
zone "tio.nl" IN {
type forward;
forward only;
forwarders {172.16.128.40; 172.16.208.10;};
};
zone "tio.test" IN {
type forward;
forward only;
forwarders {172.16.128.40; 172.16.208.10;};
-------<Quote>--------------------------
Why does it first go to the public dns and then run into the dnssec problem? There is a direct definition for the tio.nl zone in my config file.
Bonno Bloksma
Reply to: