Sub Domain Resolving Problem.

Kevin Darcy kcd at daimlerchrysler.com
Tue Aug 15 21:45:04 UTC 2000


Graham Paul Wooden wrote:

> Hello All,
>
> I have been pulling my hair out for the past week trying to figure this out.
> I am somewhat familiar with how DNS/BIND works, but I am at a total loss
> here.
>
> Here is what I want to happen:
> I want a local subdomain server, ServerA, to host a zone "us.tridia.com",
> which "us.tridia.com" is for private, internal machines. So, if
> host1.us.trida.com queries for host2 in the same subdomain, it can happen.

I assume ServerA has no direct connectivity to the Internet, right?

> If the query does not exist in the "us.tridia.com" zone, immediately go to
> the second server, ServerB, which is in live IP space (the same server which
> has the "tridia.com" zone), and take it from there. I do not want ServerB to
> know about hosts in ServerA, however I want ServerA to know about hosts in
> ServerB and beyond.

This can work, but not with your understanding of "go to". See below.

> I have set up a zone transfer to come from ServerB down into ServerA, for the
> "tridia.com".
> Everything is fine with that, I think. I can query "host1.tridia.com" and I
> get immediate results.
> However, if I use nslookup, and query "host1.us.tridia.com", I get a
> non-existent host/domain.

This part I don't understand. According to the config files, ServerA is master
for us.tridia.com, so it should be able to resolve names in that zone
regardless of what other zones are defined. Did it work before the zone
transfers of the parent zone? Are you sure the zone is loading properly? Are
there any errors in the log file at load time? If you dump the database (using
"ndc dumpdb" or sending SIGINT to named), are the records for that zone in the
dump?

> As well, I get this for all domains. Like "www.yahoo.com" and
> "www.redhat.com", it fails on them too.
>
Did those work before you configured the zone transfers? If ServerA has no
direct Internet connectivity, I can't see how they could have worked in the
absence of some sort of forwarding arrangement.

> ServerA does have resolve.conf to point to itself first, and has ServerB as
> the second, but it's like it doesn't want to pass the torch or something.
>
Nameservers don't use /etc/resolv.conf to make name-resolution decisions. If
you want ServerA to "pass the torch" to ServerB, then you need to explicitly
set up a forwarding arrangement between them. Put "forward only" and
"forwarders { x.x.x.x; };" (where x.x.x.x is ServerB's IP address) in ServerA's
"options" statement. Also, for this to work, ServerB needs to allow recursive
queries from ServerA. This configuration should permit ServerA to resolve names
through ServerB, but it'll only ask if the name isn't already in its cache or
authoritative data, so queries for names in us.tridia.com will never be
forwarded. At least, this is the way it *should* work, but apparently you have
some problem loading your internal domain, so you need to get that sorted out
before the forwarding setup will work.


- Kevin
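
The forwarding arrangement described in the reply above, written out as named.conf fragments for both servers. This is an added example, not part of the original message; the addresses (192.0.2.53 for ServerB, 10.0.0.53 for ServerA), the directory and the zone file names are constructed placeholders, and the allow-transfer restriction on ServerB is an added assumption.

```conf
// ---- ServerA (internal) named.conf ----
// Placeholder values: 192.0.2.53 = ServerB, file names are constructed.
options {
    directory "/var/named";
    forward only;                  // never iterate from the roots; ask the forwarder only
    forwarders { 192.0.2.53; };    // ServerB
};

// Authoritative for the private subdomain: answered locally, never forwarded.
zone "us.tridia.com" {
    type master;
    file "db.us.tridia.com";
};

// Parent zone pulled from ServerB by zone transfer, as in the original setup.
zone "tridia.com" {
    type slave;
    masters { 192.0.2.53; };
    file "bak.tridia.com";
};

// ---- ServerB (Internet-facing) named.conf ----
// Placeholder value: 10.0.0.53 = ServerA as seen by ServerB.
options {
    directory "/var/named";
    // Recursion is granted to ServerA only; add any other internal
    // resolvers that need it, rather than leaving recursion open to all.
    allow-recursion { 10.0.0.53; };
};

// ServerB holds no us.tridia.com zone, so it learns nothing about the
// internal hosts; it only serves the parent zone.
zone "tridia.com" {
    type master;
    file "db.tridia.com";
    allow-transfer { 10.0.0.53; };  // assumption: limit transfers to ServerA
};
```

After reloading ServerA, the checks suggested in the reply still apply: confirm in the log that us.tridia.com loaded without errors before testing forwarded names.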




