delegating NS control of subdomain to another BIND
Kevin Darcy
kcd at daimlerchrysler.com
Fri Jul 20 22:13:24 UTC 2001
Add A records for ns{1,2}.subdomain.mydomain.org into the mydomain.org
zone. These are "glue" records, and they're necessary in this case
because the names of the nameservers are in the domain being delegated,
and this causes a nasty chicken-and-egg problem, i.e. how to resolve the
names of the nameservers when they are in the domain which you can't
resolve. Glue records break the stalemate.
- Kevin
madduck at madduck.net wrote:
> ... and i really thought i was down with BIND8/9...
>
> i can't seem to find a solution to the following problem:
> (sorry for the sizely post...)
>
> mydomain.org is handled by ns{1,2}.mydomain.org.
> so ns1.mydomain.org has a zone for mydomain.org, with an entry
> mydomain.org IN NS ns1.mydomain.org
> and ns2.mydomain.org slaves this zone.
>
> now i would like to create a new zone, subdomain.mydomain.org,
> and i want it to be controlled by two separate nameservers,
> ns{1,2}.subdomain.mydomain.org.
>
> i thought that i could simply create an entry
> subdomain IN NS ns1.subdomain.mydomain.org
> IN NS ns2.sybdomain.mydomain.org
> within the mydomain.org zone, and then any request to
> subdomain.mydomain.org and its children are delegated to
> ns{1,2}.subdomain.mydomain.org.
>
> the subdomain.mydomain.org zone contains an A record for @ as well as
> A records for ns1 and ns2 plus some other A records for other hosts.
>
> now, from a host that uses ns{1,2}.mydomain.org as its nameservers, i
> am doing the following tests:
>
> ns1.mydomain.org => 192.168.14.1
> ns2.mydomain.org => 192.168.14.11
> ns1.subdomain.mydomain.org => 192.168.14.13
> ns2.subdomain.mydomain.org => 192.168.14.14
>
> (1) direct queries agains ns{1,2}.subdomain.mydomain.org
> (this all works for both).
>
> fishbowl:~> host -t ns subdomain.mydomain.org 192.168.14.13
> subdomain.mydomain.org NS ns2.subdomain.mydomain.org
> subdomain.mydomain.org NS ns1.subdomain.mydomain.org
>
> fishbowl:~> host subdomain.mydomain.org 192.168.14.13
> subdomain.mydomain.org A 192.168.14.21
>
> fishbowl:~> host ns1.subdomain.mydomain.org 192.168.14.13
> ns1.subdomain.mydomain.org A 192.168.14.13
>
> fishbowl:~> host ns2.subdomain.mydomain.org 192.168.14.13
> ns2.subdomain.mydomain.org A 192.168.14.14
>
> fishbowl:~> host mail.subdomain.mydomain.org 192.168.14.13
> mail.subdomain.mydomain.org A 192.168.14.7
>
> ===> ns{1,2}.subdomain.mydomain.org correctly resolve their
> zones
>
> (2) queries agains ns{1,2}.mydomain.org
> (this all works for both)
>
> fishbowl:~> host -t ns mydomain.org 192.168.14.1
> mydomain.org NS ns1.mydomain.org
> mydomain.org NS ns2.mydomain.org
>
> fishbowl:~> host -t ns subdomain.mydomain.org 192.168.14.1
> subdomain.mydomain.org NS ns1.subdomain.mydomain.org
> subdomain.mydomain.org NS ns1.subdomain.mydomain.org
> !!! subdomain.mydomain.org NS host ns1.subdomain.mydomain.org does
> not exist
> !!! subdomain.mydomain.org NS host ns2.subdomain.mydomain.org does
> not exist
> subdomain.mydomain.org has lame delegation to
> ns1.subdomain.mydomain.org
> subdomain.mydomain.org has lame delegation to
> ns2.subdomain.mydomain.org
>
> fishbowl:~> host ns1.subdomain.mydomain.org 192.168.14.1
> ns1.subdomain.home.madduck.net does not exist (Authoritative answer)
>
> fishbowl:~> host mail.subdomain.mydomain.org 192.168.14.1
> ns2.subdomain.home.madduck.net does not exist (Authoritative answer)
>
> do you have any ideas how i can configure this?
>
> thanks,
> martin; (greetings from the heart of the sun.)
> \____ echo mailto: !#^."<*>"|tr "<*> mailto:" net at madduck
> --
> click the start menu and select 'shut down.'
More information about the bind-users
mailing list