From owner-freebsd-hackers Thu Jan 9 5:22:15 2003 Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1871737B401 for ; Thu, 9 Jan 2003 05:22:14 -0800 (PST) Received: from mail.bellavista.cz (mail.bellavista.cz [62.168.44.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1FF3C43F3F for ; Thu, 9 Jan 2003 05:22:13 -0800 (PST) (envelope-from neuhauser@bellavista.cz) Received: from freepuppy.bellavista.cz (freepuppy.bellavista.cz [10.0.0.10]) by mail.bellavista.cz (Postfix) with ESMTP id 904B329E; Thu, 9 Jan 2003 14:22:06 +0100 (CET) Received: by freepuppy.bellavista.cz (Postfix, from userid 1001) id 414182FDB4E; Thu, 9 Jan 2003 14:22:02 +0100 (CET) Date: Thu, 9 Jan 2003 14:22:02 +0100 From: Roman Neuhauser To: Peter Much Cc: hackers@FreeBSD.ORG Subject: Re: sendmail: how to get the named of FreeBSD4.7 standards compliant? Message-ID: <20030109132202.GG1196@freepuppy.bellavista.cz> Mail-Followup-To: Peter Much , hackers@FreeBSD.ORG References: <20030101181330.C8233@disp.oper.dinoex.org> <3E134659.78028611@mindspring.com> <20030106173652.A495@disp.oper.dinoex.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030106173652.A495@disp.oper.dinoex.org> User-Agent: Mutt/1.5.1i Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG # pmc@citylink.dinoex.sub.org / 2003-01-06 17:36:52 +0100: > ! > Background: This environment should be configured to use > ! > an internet connection for internet-relevant things, but to > ! > work flawlessly without such a connection as long as matters > ! > do concern only systems within the LAN. > ! > ! This is called a "split horizon DNS", and you need to run two > ! DNS servers, one interior, and one exterior, both authoritative > ! for your domain, in order for this to work. The problem is that > ! you are forwarding a request that should be local, and you are > ! doing it because your local server does not pass the authority > ! test for your local domain. > > Well, I think I got it now. What I did not know was that any > nameserver installation is expected to always have some kind > of root nameserver accessible (either the real ones from the > internet, or elseways a local shortcut) in order to function > properly. This is wrong in at least two ways. An authoritative content server doesn't need to know root servers, because they're out of it's business. A non-recursive (forwarding-only) resolver doesn't need to know root servers, just the upstream resolver it forwards all requests to. -- If you cc me or remove the list(s) completely I'll most likely ignore your message. see http://www.eyrie.org./~eagle/faqs/questions.html To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message