Bind doesn't make zone delegation.
Ellad G. Yatsko
eyatsko at ngs.ru
Thu Apr 19 07:38:07 UTC 2012
> Hello!
>
> I have FreeBSD 7.2 x64 installed. And Bind 9.4:
>
> /etc/namedb> named -v
> BIND 9.4.3-P2
>
> I have zone "/united-networks.ru/" and I try to do the following:
> ...
> $ORIGIN sokol.msk.united-networks.ru.
> @ IN NS srvgate
> srvgate IN A 172.31.16.16
> $ORIGIN united-networks.ru.
> ...
>
> As I understand I delegated the SOA (IN NS) to server with name
> srvgate.sokol.msk.united-networks.ru ("srvgate" has no tailing "dot"
> so domain "sokol.msk.united-networks.ru" from $ORIGIN operator
> will be
> appended), then I placed "glue"-record with srvgate.sokol.msk's
> address.
> It is because as I understood nameserver of delegated zone is in it.
>
> From here I thought on the server 172.31.16.16 (it's Ubuntu) I must
> receive DNS-requests related to zone sokol.msk.united-networks.ru.
> For
> example if I try do nslookup sokol.msk.united-networks.ru on FreeBSD
> 7.2 x64. But:
>
> /etc/bind# hostname -f
> srvgate.sokol.msk.united-networks.ru
> /etc/bind# tshark -ta -ni tun0 -R dns
> Running as user "root" and group "root". This could be dangerous.
> Capturing on tun0
>
> ...there is nothing! And FreeBSD issues NXDOMAIN. I say more -
> FreeBSD
> tries to resolve name "sokol.msk.united-networks.ru" through its
> forwarder in
> external world!
>
> Where am I wrong? I simulated this situation with the same
> configurations
> on Ubuntu (Bind 9.7.0-P1) and fresh-installed FreeBSD 9.0 x64
> (Bind 9.8.1-P1).
> All works fine!
>
> -------------------------------------- related portion of
> named.conf --------------------------------------
> options {
> directory "/etc/namedb";
> pid-file "/var/run/named/pid";
> dump-file "/var/dump/named_dump.db";
> statistics-file "/var/stats/named.stats";
>
> listen-on {
> ....
> 127.0.0.1;
> 172.16.0.1;
> 172.16.1.1;
> 172.16.2.1;
> 172.31.0.1;
> };
>
> forwarders {
> 89.222.167.2;
> 8.8.8.8;
> };
> recursion yes;
> allow-recursion {0/0;};
> };
>
> ...
>
> view internal {
> match-clients {
> 127.0.0.0/8;
> 172.16.0.0/12;
> };
> ...
> zone "united-networks.ru" {
> type master;
> file "master/forward/united-networks.ru.internal";
> allow-transfer {
> 172.16.0.2;
> 172.16.16.2;
> 172.31.16.16;
> 172.31.17.0;
> 172.31.18.0;
> };
> };
> ...
> };
> ...
>
> -----------------------------------------------------------------------------------------------------------
>
> Kind regards,
> Ellad
More information about the bind-users
mailing list