download

Chapter 13There is another option, whereby you can forward DNS requests to one or morespecific upstream DNS servers instead of resolving the DNS information from theroot servers. This can be done by specifying forwarders under the options clause inthe named.conf configuration files, as shown:forwarders{10.3.25.2;10.3.1.10;};This will tell the named daemon to try forwarding the requests to these servers first.If it is unable to get the result from these servers, it will initiate a new query to theroot servers. However, you can also disable this second part (asking root servers) byadding the following line (under the options clause) to the named.conf file:forwardonly;In this case, if the forwarders you specified are unable to resolve the query, it will fail.There may be times when you would need to flush the DNS cache, for example, toget rid of some stale data that are cached in the DNS cache. This can be achievedusing the rndc(8) utility as follows:# rndc flushAuthoritativeRunning an authoritative DNS server is similar to running forwarder setup, except inthat you would have to set up your DNS zone files, and then modify the named.conffile to answer the specific domain information for the zone files you have specified.A typical forward DNS (Hostname to IP address mapping) named.conf file lookslike this:options{directory "/etc/namedb"; // Working directoryallow-query-cache { none; }; // Do not allow access to cacherecursion no; // Do not provide recursive service};zone "example.com"{type master;file "master/example.com.db";allow-transfer[ 217 ]