forwarding to a child zone is different!!

Mon Apr 23 18:21:41 UTC 2001

Hi.
I have recently installed bind 9.1.1.
The environment is a moderate test environment.

It seems that forwarding to a child zone from within a parent zone doesn't
work
unless there are glue(!?) NS records in the zone file of the parent for the
nameserver
of the child zone explicitly telling "bind" that this child has been
delegated.
(glue(!?) A records are not necessary!)

Here are my files in the parent domain.
named.conf:

zone "." {
	type hint;
	file "cache";
};

zone "thisdomain.com" {
	type master;
	file "db.thisdomain.com";
};

zone "child.thisdomain.com" {
	type forward;
	forward only;
	forwarders { ip_addr_of_ns_of_child_of_thisdomain; };
};

zone "child.anotherdomain.com" {
	type forward;
	forward only;
	forwarders { ip_addr_of_ns_of_child_of_anotherdomain; };
};

db.thisdomain.com:

$TTL 864000
$ORIGIN thisdomain.com.
@	IN SOA  thisdomain.com. hbadbanchi.thisdomain.com. ( 1 3600 300
3600000 86400 )
@	IN NS  ns
ns	IN A   ip_addr_of_ns_of_thisdomain
child	IN NS  child.thisdomain.com		<<< can't resolve names if
this line is omitted!!!

It seems that "bind" will not try to lookup "child.thisdomain.com" zone
when he himself is authorative for "thisdomain.com", AND there are no NS
records specifying that "child.thisdomain.com" has been delegated.

Is this the way it is supposed to be?
While we have explicitely specified "ip_addr_of_ns_of_child_of_thisdomain"
in the zone
statement, why there should additionally be an NS record for the child zone
in the parent
zone in this case that we have a zone statement for the child?

Interestingly if all the nameservers for "anotherdomain.com" are down
still names in "child.anotherdomain.com" can be resolved, since the
ip_addr of nameserver of "child.anotherdomain.com" which is specified in the

zone statement will be contacted directly.

And ofcourse the names in "child.thisdomain.com" can be resolved from any
other domain
(execpt the parent) even if there are no NS records in "thisdomain.com" for
this child,
or even if all the nameservers of "thisdomain.com" are down.
You see.
My problem is that why the parent himself can not resolve names which others
can
independent of this parent.

Is this an implementation decision or is it part of an RFC?

I highly appreciate any comments.

hbadbanchi at webasto.de