Create DNS Records and Delegate Queries to Another DNS Server

delegationdomain-name-systemwindows-server-2003zones

I have an internal DNS server. I've added a custom record for a domain name that is public.
I want to add local records but keep the public domain name resolved.
For instance :
foo.bar.com = wan ip -> SAT -> local server

I've added a zone bar.com and a custom record :
gum.bar.com = lan ip -> local server

BUT I need to delegate other records, that means foo.bar.com should be left to the public DNS server.
I saw the delegation option for a zone, I put my IPS DNS server, it works nice for a specific zone, like foo.bar must be resolved by the isp 's DNS.
Now If I want to delegate a wildcart, it ain't work.
You get I want to override the DNS server :
resolve local names (the one you have records for) but other domain names mut be resolved by another server.

How can I achieve that, using a wildcard for a given zone ?
Thanks mates

Best Answer

Delete your "bar.com" zone from your W2K3 DNS server. Create a zone "gum.bar.com", and create a blank host record in that zone pointing to the LAN IP of the local server. Problem solved. >smile<

The W2K3 DNS server can't be simultaneously authoritative for a domain while forwarding queries that it can't resolve to another DNS server. It's just a limitation of the product. Working around it, per the above, is how we've always handled it.

Related Solutions

Windows server dns for root domain

I don't know the windows way to do this, but the BIND way to do it is:

[root@dhdx421 internal]# head -n 20 example.com
$ORIGIN .
$TTL 21600      ; 6 hours
example.com              IN SOA  ns3.example.com. hostmaster.example.com. (
                                2009111201 ; serial
                                10800      ; refresh (3 hours)
                                3601       ; retry (1 hour 1 second)
                                259200     ; expire (3 days)
                                21600      ; minimum (6 hours)
                                )
                        NS      ns2.example.com.
                        NS      ns3.example.com.
                        A       172.18.1.100
$ORIGIN example.com.

The A record above is the example.com record. Specifying *.example.com means "anything".example.com, but "anything" can't be null as you've specified a "." and periods have special meaning in DNS.

Additionally, keep in mind that if you're overriding someone else's DNS, unless you setup forwarding properly, you will only be able to resolve the addresses that you've overridden (i.e., made your server authoritative for).

Delegate part of a zone to another server

It sounds like you have home.mydomain.tld as a public zone and you want to create internal records for PC.home.mydomain.tld, TV.home.mydomain.tld, refrigerator.home.mydomain.tld, etc.?

About the only un-nasty way I can think of to do this without stepping on the home.mydomain.tld domain would be to create x.home.mydomain.tld and put everything under that zone, which is served by your local nameserver.

You COULD create an individual zone for each of PC, TV, refrigerator, etc. above and have your local nameserver only be authoritative for those individual bits, but that means a huge number of one-entry zone files (YUCK!).

Also note that any local zones you create would step on and override any outside DNS server's zones: It's not possible to have the A record for pc.home.mydomain.tld come from one NS and the AAAA record for it come from another: DNS delegates and declares authority by zone name, and that authority is for all record types within that zone.
If a nameserver is told it is authoritative for something and can't find the record it will not forward the query up the DNS tree, it will simply return NXDOMAIN.

Best Answer

Related Solutions

Windows server dns for root domain

Delegate part of a zone to another server

Related Topic