 From:  Dave Warren <maillist at devilsplayground dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  DNS forwarder: authoritative DNS override
 Date:  Mon, 14 Nov 2005 19:53:39 -0700

Quick question... At the bottom of the DNS Forwarder tab it says "Below 
you can override an entire domain by specifying an authoritative DNS 
server to be queried for that domain."

I'm trying to use this functionality, but it doesn't seem to work.

I have a zone (let's call it internal.example.com) which, on the 
internet, is a wildcard CNAME to my m0n0wall's WAN IP.  The same zone is 
authoritative in my internal DNS, which is Active Directory enabled and 
supports dynamic updates and various other toys.

My m0n0wall DHCP server hands out my AD DNS servers; I don't really use 
the m0n0wall DNS forwarding much at all.  However, I'd like to use it on 
alternate interfaces (which can't talk directly to my AD DNS servers).

My understanding is that if I add internal.example.com to the "override 
an entire domain" and enter the IP of my internal DNS, then m0n0wall 
should let me query host.internal.example.com and it would return the 
internal IP rather than the external IP -- Is that correct?

If so, can anybody confirm it works -- It doesn't work here.

If men can run the world, why can't they stop wearing neckties?
How intelligent is it to start the day by tying a noose around
your neck?