having my master nameserver resolve another zone...
Cricket Liu
cricket at nxdomain.com
Wed Jan 29 21:24:16 UTC 2003
On Wednesday, January 29, 2003, at 12:49 PM, Christopher L. Barnard
wrote:
> I must be missing something here, but I do not see what.
>
> I am trying to add the new zone "corp.cbot.com" under the existing
> cbot.com.
> Because of some other requirements, this server is actually "cbott.com"
> (note the extra t). cbott.com has been registered with Internic, so
> that
> should not be an issue. I suppose it does not matter actually, since
> it
> is internal-only...
>
> What I am trying to do is have a machine "foobar.cbott.com" resolve as
> "foobar.corp.cbot.com", thus masking the fact that it is really in the
> cbott.com zone. I am trying to fight one forest fire at a time, so I
> want to resolve just "foobar.cbott.com" first. Then I'll tackle
> having it
> resolve as foobar.corp.cbot.com. I have put in the master forward dns
> table the glue records
>
> cbott.com. IN NS cbottad1.cbott.com.
> cbott.com. IN NS cbottad2.cbott.com.
>
> and the corresponding A records for their IP.
>
> cbottad1.cbott.com. IN A 164.74.77.101
> cbottad2.cbott.com. IN A 164.74.77.102
>
> I can use DiG to transfer the zone, so I know that a DNS server is
> running on these boxes. However, when I do a dig on the record, it is
> unknown:
>
> srvns1!/var/named/etc/domain >> dig @srvns1 cbottad1.cbott.com
>
> ; <<>> DiG 9.2.1 <<>> @srvns1 cbottad1.cbott.com
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54790
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;cbottad1.cbott.com. IN A
>
> ;; AUTHORITY SECTION:
> com. 10690 IN SOA A.GTLD-SERVERS.NET.
> NSTLD.VERISIGN-GRS.com. 2003012900 1800 900 604800 86400
>
> ;; Query time: 2 msec
> ;; SERVER: 164.74.143.202#53(srvns1)
> ;; WHEN: Wed Jan 29 13:21:50 2003
> ;; MSG SIZE rcvd: 109
>
> btw, this is an internal nameserver configuration. Those of you who
> might
> do an access of cbot.com will get the "outside" DNS that is done by
> uunet.
Even though it's an internal name server, it's got a cached NXDOMAIN
response
from one of the com name servers. (It's probably marked authoritative
because
this is a BIND 8 name server with auth-nxdomain set.)
Are you sure this name server is in fact authoritative for cbott.com?
It's not
responding as though it is.
cricket
More information about the bind-users
mailing list