We have a bind9 (version 9.18.4-2) DNS server called ns1.home.arpa at 10.100.200.1 running on Debian, which acts as our primary DNS server for multiple local subnets (10.100.0.0/16 and 10.200.0.0/16) and manages different *.home.arpa zones.

We now also have a different (legacy :P) NS at 10.0.0.210 (which I do not have access to) that manages some other *.our-company.lan zones. Due to routing and firewalls our primary NS (10.100.200.1) cannot reach the other legacy NS at 10.0.0.210, as these subnets are isolated (and if possible we'd prefer to keep it that way). Most of the clients can reach 10.0.0.210, however.

Is it possible to tell our primary bind9 server to point clients with *.our-company.lan queries to 10.0.0.210? From my understanding it is possible to set up type forward; zones in bind; however, these zones make the bind server act as a proxy and make it try to contact the specified forwarders itself (which won't work, due to routing).

Is there a way for the bind9 server to tell clients that query some .our-company.lan domain to retry this query on the other NS instead, i.e. some sort of redirect?

(Of course we could add 10.0.0.210 as a secondary NS for every single client, but that would be a pain and would be our last resort.)

TL;DR: Is it possible to set up forwarding, but have the client contact the forwarders?