DNS and Forwarding

[bpark]

According to my readings, forwarders statement is used to lessen the load on a machine. If this statement is not present, I would think the root servers would be contacted where it would then contact the appropriate authorative server to resolve the name.

The following is my named.conf file:

Code:

options {
        directory "/var/cache/bind";

   // from bind 9:
   //    [fetch-glue] is obsolete. In BIND 8, fetch-glue yes caused the
   //   server to attempt to fetch glue resource records it didn't have
   //   when constructing the additional data section of a response.
   //   This is now considered a bad idea and BIND 9 never does it.

   fetch-glue no;

   // If there is a firewall between you and nameservers you want
   // to talk to, you might need to uncomment the query-source
   // directive below.  Previous versions of BIND always asked
   // questions using port 53, but BIND 8.1 and later use an unprivileged
   // port by default.

   // query-source address * port 53;

   // If your ISP provided one or more IP addresses for stable
   // nameservers, you probably want to use them as forwarders. 
   // Uncomment the following block, and insert the addresses replacing
   // the all-0's placeholder.

      // I've included xx for viewing sake. The actual ip address work.
   forwarders {
      xx.xx.xx.xx.
      xx.xx.xx.xx;
   };

   notify no;
};

// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind/README.Debian for information on the
// structure of BIND configuration files in Debian for BIND versions 8.2.1
// and later, *BEFORE* you customize this configuration file.
//

// reduce log verbosity on issues outside our control
logging {
   category lame-servers { null; };
   category cname { null; };
};

// prime the server with knowledge of the root servers
zone "." {
        type hint;
        file "db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
        type master;
        file "db.local";
};

zone "127.in-addr.arpa" {
        type master;
        file "db.127";
};

zone "0.in-addr.arpa" {
        type master;
        file "db.0";
};

zone "255.in-addr.arpa" {
        type master;
        file "db.255";
};

If I take out the forwarders statement, any names outside of my local domain cannot be resolved. What am I missing?

[sarumont]

Without forwarders, BIND tries to resolve everything itself and fails miserably. Are you sure that db.root is where it should be? What about your /etc/resolv.conf? Is it set up to point to the machine itself for resolution?

[bpark]

db.root is located in /var/cache/bind as with other zone files. /etc/resolv.conf points at itself.

I know using forwarders is a better solution but I was doing this to see if it named was working correctly without the forwarders statement.