subdomain forwarders problem
Cricket Liu
cricket at acmebw.com
Tue Nov 23 23:11:23 UTC 1999
> I seem to have hit an issue with subdomains and the way BIND handles them
as
> forward zones. I'm running 8.2.2_P5 everywhere. Basically we have
> authoritative servers for each of several subdomains in our network, for
> instance:
>
> ns00.devel.name.dom is authoritative for devel.name.dom
> ns00.test.name.dom is authoritative for test.name.dom
> ns00.sv.name.dom is authoritative for sv.name.dom
>
> We also have the two name servers listed as authoritative for name.dom and
> they are publicly addressed. They hold secondary zones for everything
> in the test, sv, and devel subdomains. The idea being here that all
> hosts in devel.name.dom will resolve DNS from their respective subdomain
> server, and if that server doesn't know the answer it is set globally to
> "forward only;" to the two public name servers.
>
> This idea works great except for one of the servers. We don't want to
have
> the authoritative information for our second level domain (name.dom) held
> on the publicly addressed server for security reasons. We'd rather have
it
> stored on, say, ns00.test.name.dom, and then secondaried to the public
> servers. But, as soon as I put in a master zone statement in named.conf
for
> "name.dom", the server apparently thinks that the name.dom zone file
should
> contain authoritative information for all the subdomains denver, test, and
> sv, and it will immediately stop forwarding requests for any of those
hosts
> to the outside DNS servers. It starts returning NXDOMAIN errors.
It sounds like you're missing NS records delegating the name.dom subzones
in the name.dom zone data file. But that's just a guess.
cricket
Acme Byte & Wire
cricket at acmebw.com
www.acmebw.com
Attend the next Internet Software Consortium/Acme Byte & Wire
DNS and BIND class! See www.acmebw.com/training.htm for
the schedule and to register for upcoming classes.
More information about the bind-users
mailing list