bind9 delegation

Joachim Schrod jschrod at acm.org
Tue Jan 15 08:14:58 UTC 2008 

ubuntu at acrasis.net wrote:
> On a small network, a host 'neptune' is the nameserver for an internal
> domain 'nicklan'.  I would like one of the hosts, 'nicklite.nicklan', to
> be the nameserver for the subdomain 'jupiter.nicklan'.  The hosts in
> this subdomain will all be one and the same as 'nicklite.nicklan'.
> 
> neptune and nicklite both run bind9.  The respective zone files are
> 
> neptune:
>    @ IN SOA neptune.nicklan. root.localhost. (
>        56   ; Serial
>       3h   ; Refresh
>       1h   ; Retry
>       1w   ; Expire
>       1h ) ; Negative Cache TTL
>    ;
>               IN   NS   neptune.nicklan.
> 
>    @          IN  A   172.23.63.2
>    neptune    IN  A   172.23.63.2
>    nicklite   IN  A   172.23.63.100
> 
>    ; Attempt delegation of 'jupiter' subdomain.
>    jupiter.nicklan.  IN NS ns.jupiter.nicklan.
>    ns.jupiter.nicklan. A 172.23.63.100
> 
> nicklite:
>    @ IN SOA ns.jupiter.nicklan. root.localhost. (
>        32   ; Serial
>       3h   ; Refresh
>       1h   ; Retry
>       1w   ; Expire
>       1h ) ; Negative Cache TTL
>    ;
>               IN   NS   ns.jupiter.nicklan.
> 
>    @          IN  A   172.23.63.100
>    ns         IN  A   172.23.63.100
>    foo        IN  CNAME  ns
> 
> The nameserver on nicklite seems to work, e.g.
> 
>    # host foo.jupiter.nicklan.
>    foo.jupiter.nicklan is an alias for ns.jupiter.nicklan.
>    ns.jupiter.nicklan has address 172.23.63.100
> 
> Likewise the nameserver on neptune, e.g.
> 
>    # host nicklite.nicklan.
>    nicklite.nicklan has address 172.23.63.100
> 
> But the nameserver on neptune does not seem to know about the subdomain:
> 
>    # host foo.jupiter.nicklan.
>    Host foo.jupiter.nicklan not found: 3(NXDOMAIN)
> 
> Am I trying to do something infeasible, and if not, how to make it work?

Your zone files look OK, thus the problem is probably your 
named.conf. Or you didn't increment your serial.

I assume that resolv.conf on both systems causes localhost to be 
queried, right?

On neptune, are the delegation records known? I.e., does it answer 
for the NS record of jupiter.nicklan. and the A record of 
ns.jupiter.nicklan.?

	Joachim

-- 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Joachim Schrod				Email: jschrod at acm.org
Roedermark, Germany

More information about the ubuntu-users mailing list