On Tue, Apr 1, 2008 at 6:22 PM, vincenzo romero <new2xen at gmail.com> wrote: > zone "company.com." IN { > type forward; > forwarders { 10.100.1.24 port 53; > }; In myhost.lab.company.com you probably want to do a forward of all requests to ns.company.com, that would be the "canonical" way of cascading name servers. > I want any other queries that lab.company.com is not authoritative > for, to go to the Name Server of company.com. Exactly, you need a global "forwarders" section in your named.conf (have a look at the man pages). > I did try now to edit a test machine so that its resolv.conf file shows: > > search lab.company.com company.com > nameserver 192.168.17.2 > nameserver 10.100.1.24 You probably don't want both nameservers in resolv.conf, for the machines in "lab.company.com" you'll want only 192.168.17.2, and for the ones in "company.com" you don't want them querying your nameserver too. Maybe for backup, but then you'd better have two at 192.168.17 and two or more at 10.100.1 network. > 1. I can ping, and do host <hostname> and ip address > 2. nslookup <hostname> resolves .. > 3. but nslookup IPaddress returns with a listing of ROOT servers: You need to create authoritative zones for the reverse, like 17.168.192.in-addr.arpa. Your questions are starting to go too much DNS and BIND specific. In this case, I would suggest you to either: 1) Read the DNS and BIND book, which is excellent!!! 2) Look for a mailing list/forum specific to DNS and BIND. If you're going to run name servers, you should try to improve your knowledge of DNS. It's not a very simple protocol, and reading a book such as DNS and BIND will bring you valuable knowledge that will serve you if you'll ever need to troubleshoot your server. HTH, Filipe