SOA/NS Question

Jim Reid jim at mpn.cp.philips.com
Thu Sep 16 17:31:06 UTC 1999 

>>>>> "Barry" == Barry Finkel <b19141 at achilles.ctd.anl.gov> writes:

    Barry> We have NOT listed dns0 in a NS record, as we do not want
    Barry> machines to query that name server.  The SOA record points
    Barry> to dns1, as that is the "primary" dns server we want
    Barry> machines to be querying.  Our off-site secondaries are
    Barry> generating error messages stating that dns1 is really not
    Barry> the SOA.

What a strange thing to complain about. NS records have nothing to do
with the zone's SOA record. So saying "dns1 is really not the SOA" is
self-evident. It's as fatuous as saying "an A record is not the same
thing as a PTR record". Presumably the error messages are actually
about something else: like dns1 is not the master server for the
domain. [Please note that this sort of confusion is why posters to
this list should supply the *actual* messages from the error logs: not
a paraphrased or garbled misinterpretation of them.]

    Barry> Can I correct the problem by changing the SOA to point to
    Barry> dns0?  Will machines begin to query dns0, or will they not
    Barry> query dns0 because dns0 does not appear in an NS record?

If the MNAME field of the SOA record does not the real master name
server for the domain, dynamic DNS updates will probably not work. The
MNAME in the SOA is the only way to reliably determine where the
zone's master server is located. [Other than for dynamic DNS updates,
nothing really cares what's in that field of the SOA record.] If your
zone contains no NS record pointing at dns0, there should be no reason
for other name servers to query it. Of course it could still be on
the receiving end of queries from forwarding name servers and
resolvers that have the IP address of dns0 hard-wired into them.

    Barry> If I can change the SOA to point to dns0 without problems,
    Barry> then this will aid in one problem I will have with Windows
    Barry> 2000.  Win2000 finds the SOA for a zone to determine to
    Barry> which dns it should send a dynamic update.

Aha! You finally begin to explain your problem. The W2K box is sending
dynamic DNS updates and probably relies on the MNAME field of the
zone's SOA record to figure out where to send that update request.
Since you've set this to be one of your slave servers - dns1 - your
DNS is telling lies to the W2k box. Presumably this is causing
something to croak because this slave server probably hasn't been
configured to handle dynamic DNS updates.

More information about the bind-users mailing list