DNS forwarder config

Posted: Wed Jun 19, 2013 11:21 am
by faris
I'm having a problem getting my DNS lookups to look in the right place.

I have a local RBLDNS server that I want used for all lookups by local services for "*.rbldns.domain.tld"

In resolve.conf I have

nameserver 127.0.0.1
nameserver 208.67.220.220
nameserver 208.67.222.222

So, lookups will be done using the local nameserver first. Good.

Next, in named.conf, I have two things that have anything to do with this:

// If you've got a DNS server around at your upstream provider, enter
// its IP address here, and enable the line below.  This will make you
// benefit from its cache, thus reduce overall DNS traffic in the Internet.

        forwarders {
                208.67.222.222; 208.67.220.220;
        };

and

zone "rbldns.domain.tld" IN {
        type forward;
        forward first;
        forwarders {
                public-ip-of-rbldnsd;
        };
};

dig @localhost 123.123.123.123.rbldns.domain.tld gives me the expected answer and says 127.0.0.1 was used for the lookup. Great.

dig 123.123.123.123.rbldns.domain.tld gives me exactly the same answer and says that 127.0.0.1 was used for the lookup. Again, great.

BUT, I'm seeing loads of queries on port 53 (which is closed to the outside world) from OpenDNS knocking on the door of public-ip-of-rbldns, and I can't figure out why.

I should point out that public NS records for rbldns.domain.tld and domain.tld point to some other DNS server unrelated to this. The A record for rbldns.domain.tld points to "public-ip-of-rbldns", however.

So...something, somewhere, is causing something to use the OpenDNS DNS servers to do the lookups.

I'm thinking in terms of the forward section pointing to the OpenDNS 208.67 addresses, but shouldn't this be overridden by the local zone definition?
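As an added illustration (not part of the post, and not BIND's own code), here is a small Python model of how BIND picks forwarders for a query from a named.conf like the one above. It parses the options-level forwarders block and any zone-level "type forward" zones, then applies the rule that the longest matching forward zone wins over the global forwarders. The config string is constructed for the example: the options { } wrapper and the TEST-NET address 192.0.2.53 (standing in for "public-ip-of-rbldnsd") are assumptions, and the parser is a deliberately minimal regex model rather than a full named.conf grammar.

```python
import re
from typing import Dict, List, Optional, Tuple

# Constructed named.conf fragment modelled on the post. The forwarders block
# is assumed to sit inside options { }; 192.0.2.53 is a placeholder for the
# rbldnsd host ("public-ip-of-rbldnsd" in the post).
NAMED_CONF = """
options {
        // upstream cache, as in the post
        forwarders {
                208.67.222.222; 208.67.220.220;
        };
};

zone "rbldns.domain.tld" IN {
        type forward;
        forward first;
        forwarders {
                192.0.2.53;
        };
};
"""

ZONE_RE = re.compile(r'zone\s+"([^"]+)"(?:\s+IN)?\s*\{(.*?)\n\};', re.S)


def _strip_comments(text: str) -> str:
    """Drop // line comments so commented-out forwarders are ignored."""
    return re.sub(r"//[^\n]*", "", text)


def _forwarders(body: str) -> List[str]:
    """Extract the address list from the first forwarders { ... } block."""
    m = re.search(r"forwarders\s*\{([^}]*)\}", body)
    if not m:
        return []
    return [t.strip() for t in m.group(1).split(";") if t.strip()]


def parse_forwarding(conf: str) -> Tuple[List[str], Dict[str, Tuple[str, List[str]]]]:
    """Return (options-level forwarders, {zone: (policy, forwarders)})
    for every zone declared with 'type forward'."""
    conf = _strip_comments(conf)
    zones: Dict[str, Tuple[str, List[str]]] = {}
    for m in ZONE_RE.finditer(conf):
        name, body = m.group(1).lower().rstrip("."), m.group(2)
        if not re.search(r"type\s+forward\s*;", body):
            continue  # authoritative/slave zones are not forwarding zones
        pol = re.search(r"forward\s+(first|only)\s*;", body)
        policy = pol.group(1) if pol else "first"  # BIND's documented default
        zones[name] = (policy, _forwarders(body))
    # Whatever forwarders remain after removing zone blocks are global ones.
    global_fwd = _forwarders(ZONE_RE.sub("", conf))
    return global_fwd, zones


def resolve_path(qname: str, global_fwd: List[str],
                 zones: Dict[str, Tuple[str, List[str]]]
                 ) -> Tuple[str, List[str], Optional[str]]:
    """Pick the forwarders named would consult for qname: the longest
    matching forward zone overrides the options-level forwarders.
    Returns (policy, forwarders, matched_zone). A 'first' policy means
    named falls back to resolving the name itself if the forwarders do
    not answer; 'only' never falls back."""
    labels = qname.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in zones:
            policy, fwd = zones[suffix]
            return policy, fwd, suffix
    return ("first" if global_fwd else "none"), global_fwd, None


if __name__ == "__main__":
    g, z = parse_forwarding(NAMED_CONF)
    for name in ("123.123.123.123.rbldns.domain.tld", "www.example.com"):
        print(name, "->", resolve_path(name, g, z))
```

Running it shows the RBL name going to the zone's forwarder with policy "first" and everything else going to the two OpenDNS addresses; the part worth checking on a real server is that "first" leaves named a fallback path (ordinary recursion) whenever the rbldnsd forwarder fails to answer, whereas "forward only" does not.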