Secondary DNS controller for Windows domain

[Roger Grosswiler]

Hi Steve,

you can configure bind acting as a slave, but telling your fc2-box to forward queries to external servers, if no
result is given by your zone.

so, your /etc/named.conf:


 more named.conf
// generated by named-bootconf.pl

options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;

  notify no;
        forward first;
        forwarders { ip-adress of a external dns-server1; ip-adress of a external dns-server2; } ;
};
this entry forwards queries to the forwarders, if no internal dns-server brings an appropriate answer......now,
indicate your slave-zone in /etc/named.conf, eg:

zone "your_zone" {
        type slave;
        file "/var/named/zonefile.hosts";
        masters {
                ip-adress-of-your-master-dns;
                };
        allow-transfer {
                ip-adress-of-this-slave; { key rndckey; };
                };
        };
the option { key rndckey; }; has to be inserted, if your master-dns-server requires a password for the zone-download.
if your master-dns doesn't require this, you can remove this option. otherwise, you will find a file in /etc/ called
rndckey. insert the password in there. as i remember, by default w2k doesn't require one (but i can be wrong...) the
password should be encrypted.

if you've done this, make sure, /var/named has 775 to user and group named, otherwise, the update will fail.

HTH, let me know whether it's what you need.
Roger