Bypass my root NS to get adresses from other NSs ??

Kevin Darcy kcd at daimlerchrysler.com
Sat Feb 3 00:15:15 UTC 2001 

There is no such concept as domain "bind"ing in DNS. Perhaps you mean
"delegation". But delegations flow downwards, i.e. rootdomain.fr can delegate
control of domain1.rootdomain.fr to your nameserver, but that doesn't obligate
your nameserver to send queries for unrelated domains (e.g.
interest1.rootinterest.com) to the rootdomain.fr master. Just because you are
master for a particular zone doesn't mean you treat the master of your parent
zone specially; in fact, your server may not have any special knowledge of who
any of its' zones' masters even *are*.

Of course, if you are *forwarding* to the rootdomain.fr master by default,
that would be a different matter. In that case, the important question
becomes: do you have direct connectivity to the rootinterest.com
nameservers? If so, then you could define a rootinterest.com zone on your
nameserver as either a) "type forward", specifying the rootinterest.com
nameservers in "forwarders", or as b) "type stub" or "type slave", specifying
the rootinterest.com nameservers in "masters", and also with a "forwarders
{ };" statement to prevent forwarding for any subzones of rootinterest.com.
You'll need a modern version of BIND (8.2.3 or 9.1) to implement either
option. Note that being a slave requires that the rootinterest.com servers
allow you to do zone transfers. Also, it may incur significant zone transfer
overhead, especially if you are not implementing IXFR (Incremental Zone
Transfer). On the positive side, being a slave gives you more redundancy,
since you have a complete copy of the zone.

Examples:

zone "rootinterest.com" {
    type forward;
    forward only;
    forwarders { x.x.x.x; y.y.y.y; z.z.z.z; };
};

-or-

zone "rootinterest.com" {
    type slave; // or "type stub"
    file "rootinterest.com";
    masters { x.x.x.x; y.y.y.y; z.z.z.z; };
};




- Kevin

news.wanadoo.fr wrote:

> Hi there,
>
> Pb to understand the main DNS architecture:
>
> Can I bind directly from a sub-domain to another subdomain of another root
> domain
> (sub1.domain1.fr to domain2.com) ?
>
> more information:
>
> my domain is:
>     domain1.rootdomain.fr
> an interesting domain dame for us is :
>     interest1.rootinterest.com
>
> My NS is now a child of rootdomain.fr, and some problems occur when trying
> to
> join rootinterest.com (rootdomain.fr administrators have set up their NS in
> a W2000
> box :-( )
>
> What i want to do is to bind directly from our NS to the sub-domain
> rootinterest.com
>
> Can I really do that ?

More information about the bind-users mailing list