domain delegation question
Barry Margolin
barmar at genuity.net
Fri Jan 26 19:11:20 UTC 2001
In article <94seuo$sv6 at pub3.rc.vix.com>,
Dean Larson <deanlarson at bigfoot.com> wrote:
>
>thank you for reading this and your help.
>
>we are running a dns server off a firewall and want to do load balancing
>to a radware box. radware requires that we delegate the domain to it,
>but instead of delegating an entire domain to it, they want the
>delegation to happen to a host record. ie:
>the dns server has a ns record for www.company.com
>the radware box gives the A record for www.company.com.
>
>this concept is the same under a cisco load director.
I think you mean Cisco Distributed Director.
>we have a provider, amoung many things, verifies how our dns servers are
>responding. this delegation works fine under nt's older version of
>bind, but hangs on a solarius box running bind 8.
>
>to me it seems like an incorrect way to delegate a domain. i would have
>expected to see www.yyy.company.com (delegated domain would be
No, there's nothing wrong with this type of delegation. What's the
difference between delegating www.company.com from the company.com domain,
with an A record on www.company.com, and delegating the company.com domain
from the com domain and having A and/or MX records on company.com?
>yyy.company.com). did bind 8 change the way it looks at this
>delegation? maybe thinking this type of delegation is some dns
>poisoning.
The server performing the delegation doesn't look at the child server at
all (unless you're using "stub" zones). It just sends out the NS records
to a client who queries it. So it has no idea that the child has an A
record on www.company.com (not that it would care if it did).
I suggest you turn on debugging on your caching server to see what it's
doing when you try to look up www.company.com.
--
Barry Margolin, barmar at genuity.net
Genuity, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
More information about the bind-users
mailing list