Can I be a parent for a zone and a slave for a subdomain?

Mon Sep 18 20:48:26 UTC 2000

Michele Chubirka wrote:

> But if I delegate a subdomain, the entry in my db file lists the
> nameserver(s) for that delegated domain. So then  how does named decide
> where to go?!

If a nameserver is master or slave for a zone, it has a full copy of everything
in the zone. It doesn't need to "go" anywhere to get the data, so it doesn't
use those NS records to resolve queries in the zone.

> Won't I get lots of non-authoritative answers for anything in
> that delegated subdomain if I do it this way?

See above. You're not "go"ing anywhere so you're not getting answers,
non-authoritative or otherwise.

> Will it check the db file
> which has been zone transferred first instead of following the pointer to
> the subdomain's name server?

It will load the db file when it starts up, so it'll already be in memory.
It'll answer from that in-memory data.

> Is this really the best way to do this?

Depends on what your requirements are, of course. Generally speaking, the more
slaves you have for a zone, the better performance and resiliency you obtain
for that zone. As explained above and previously, it doesn't hurt anything for
a server to be master for a parent zone and slave for a child zone, or
_vice_versa_, so why not define it that way?

> What
> about the in-addr.arpa files, won't  I have conflicts with that? Instead of
> pointing to a nameserver for the delegated zone, they'll have hostname
> entries.

in-addr.arpa is a separate branch of the DNS namespace. Whatever you do in
in-addr.arpa doesn't really impact what you do in other parts of the namespace
or _vice_versa_, as long as you're not exceeding the capacity of your
nameserver(s) or whatnot.

> Wouldn't it be better to have the subdomains be secondaries for
> each other?

Six of one, half a dozen of the other. You could do *both* if you want to be
redundant to the max.

- Kevin

> ----- Original Message -----
> From: "Kevin Darcy" <kcd at daimlerchrysler.com>
> To: <bind-users at isc.org>
> Sent: Friday, September 15, 2000 11:42 PM
> Subject: Re: Can I be a parent for a zone and a slave for a subdomain?
>
> >
> > A subzone delegation, in and of itself, publishes the existence of a zone
> in
> > the DNS database, but it does not specify who is master and who is slave
> for
> > the zone. This is something that needs to be configured "privately" into
> the
> > nameservers themselves. In the case of BIND, you configure the
> master/slave
> > distinction and associated parameters in the named.conf file. So no,
> there's no
> > contradiction in delegating a subzone and also being slave for it. These
> things
> > are configured in different places and serve different purposes. Being a
> master
> > means maintaining the original copy of the zone file; being a slave means
> you
> > get only a replica of the zonefile through an automated process. No-one
> else
> > really knows for sure, or cares, who the slave and who the master is. All
> the
> > delegation records do is provide enough information so that
> > *some* authoritative (i.e. master *or* slave, it doesn't matter)
> nameserver can
> > be found to answer the queries.
> >
> >
> >
> > - Kevin
> >
> > Michele Chubirka wrote:
> >
> > > I've recently taken over the VERY large task of repairing our zone and
> > > upgrading our name server to Bind 8 from 4.97. I'm relatively new to
> > > DNS/Bind, but I've been closely studying this list and the O'Reilly Bind
> > > book.
> > > We have a class B subnet and administer a large domain with many
> subdomains.
> > > What I'm really confused about is that (according to the book and the
> > > representatives from ISPs I've spoken to) I understood that if I
> delegated a
> > > subdomain, I only maintained pointers to those domains by including
> their
> > > nameservers in my db files for said subdomains.
> > > I have a master and secondary nameserver upon which I make
> changes/updates.
> > > But after closely studying the files and speaking to the administrator
> for
> > > one of our subdomains, she indicates that she makes entries for her
> domains
> > > and then transfers her zone to my primary nameserver. Is this correct?!
> How
> > > can I be a Primary for the parent domain and a secondary for one of my
> > > subdomains? Wouldn't I have to have two configuration files? Or one
> > > indicating that I was primary for the parent zone, but secondary for the
> > > subdomain/child?
> > > When I look in the configuration file for our zone, the subdomain's
> > > nameservers are listed as secondary name servers for my domain, BUT
> THEY'RE
> > > MAKING ENTRIES for the subdomains! If they're secondaries, how can they
> make
> > > entries and be SOA for their subdomains?
> > >
> > > Michele Chubirka
> > > Systems Administrator
> > > George Washington University
> > > 202-994-5791
> >
> >
> >
> >
> >
> >