vincenzo romero wrote: > thanks for the response! > > On Tue, Apr 1, 2008 at 3:09 PM, Les Mikesell <lesmikesell at gmail.com> wrote: > >> Is this supposed to have something to do with either company.com or >> lab.company.com? It doesn't. And is there some reason you only want >> the forwarder to only handle one zone? >> > > my bad a typo .. it is : > > zone "company.com." IN { > type forward; > forwarders { 10.100.1.24 port 53; > }; > > ... > > I want any other queries that lab.company.com is not authoritative > for, to go to the Name Server of company.com. That happens anyway if the forwarder is not authoritative - that is, the forwarder will act as a caching proxy. > ... > > I did try now to edit a test machine so that its resolv.conf file shows: > > search lab.company.com company.com > nameserver 192.168.17.2 > nameserver 10.100.1.24 > > 1. I can ping, and do host <hostname> and ip address > 2. nslookup <hostname> resolves .. > 3. but nslookup IPaddress returns with a listing of ROOT servers: > > nslookup 10.100.1.24 > Server: 192.168.17.2 > Address: 192.168.17.2#53 > > Non-authoritative answer: > 24.1.100.10.in-addr.arpa name = ns.company.com. Does this zone file have an NS record for the server that answers? > > Authoritative answers can be found from: > . nameserver = l.root-servers.net. > . nameserver = m.root-servers.net. > . nameserver = a.root-servers.net. > . nameserver = b.root-servers.net. > . nameserver = c.root-servers.net. > . nameserver = d.root-servers.net. > . nameserver = e.root-servers.net. > . nameserver = f.root-servers.net. > . nameserver = g.root-servers.net. > . nameserver = h.root-servers.net. > . nameserver = i.root-servers.net. > . nameserver = j.root-servers.net. > . nameserver = k.root-servers.net. It's not really polite to send private IP reverse lookups to the public root servers, but I suppose millions of places do... -- Les Mikesell lesmikesell at gmail.com