delegation problem
Mark Andrews
Mark_Andrews at isc.org
Wed Sep 15 23:02:33 UTC 2004
This has been going on too long.
Add "forwarders { /* empty */ } ;" to the zeca.maneca zone
declaration. This will override the forwarders in the
options / view section.
Mark
> Hi,
> thanks for helping
> i've edited zeca.maneca.db ( btw it's a funny portuguese name just for
> testing :-) ) file like you said:
>
> cat /var/named/chroot/var/named/zeca.maneca.db
> $ORIGIN zeca.maneca.
> $TTL 900 ; 15 minutes
> @ IN SOA zeca.maneca. root (
> 2004041700 ; serial
> 21600 ; refresh (6 hours)
> 1800 ; retry (30 minutes)
> 604800 ; expire (1 week)
> 900 ; minimum (15 minutes)
> )
> IN A 192.168.1.5
> IN NS jimi.liber4e.zapto.org.
>
> hosting-test IN NS nameserver.hosting-test.zeca.maneca.
> nameserver.hosting-test.zeca.maneca. IN A 192.168.1.100
>
> ###########################################
>
> But still nothing shows up, strange no?
>
> dig hosting-test.zeca.maneca any
>
> ; <<>> DiG 9.2.3 <<>> hosting-test.zeca.maneca any
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59379
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;hosting-test.zeca.maneca. IN ANY
>
> ;; Query time: 113 msec
> ;; SERVER: 192.168.1.5#53(192.168.1.5)
> ;; WHEN: Wed Sep 15 12:57:18 2004
> ;; MSG SIZE rcvd: 42
>
> ########################
>
> dig nameserver.hosting-test.zeca.maneca any
> ; <<>> DiG 9.2.3 <<>> nameserver.hosting-test.zeca.maneca
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36782
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;nameserver.hosting-test.zeca.maneca. IN ANY
>
> ;; Query time: 189 msec
> ;; SERVER: 192.168.1.5#53(192.168.1.5)
> ;; WHEN: Wed Sep 15 12:54:08 2004
> ;; MSG SIZE rcvd: 53
>
>
>
>
> Ladislav Vobr wrote:
>
> > see below...
> >
> > Ladislav
> >
> > jose nuno neto wrote:
> >
> >> Hi,
> >>
> >> I'm trying to setup a delegation zone in my internal network, i've
> >> read a lot, googled a lot but still it doesn't work
> >> My main DNS server (192.168.1.5) has:
> >> file named.conf
> >> .......
> >> zone "zeca.maneca" {
> >> type master;
> >> notify no;
> >> file "zeca.maneca.db";
> >> allow-transfer { 127.0.0.1; };
> >> };
> >> ..........
> >> file zeca.maneca.db
> >> $ORIGIN zeca.maneca.
> >> $TTL 900 ; 15 minutes
> >> @ IN SOA zeca.maneca. root (
> >> 2004041700 ; serial
> >> 21600 ; refresh (6 hours)
> >> 1800 ; retry (30 minutes)
> >> 604800 ; expire (1 week)
> >> 900 ; minimum (15 minutes)
> >> )
> >> IN A 192.168.1.5
> >> IN NS jimi.liber4e.zapto.org. (other zone i have
> >> configured)
> >> hosting-test NS nameserver.hosting-test.zeca.maneca.
> >> nameserver.hosting-test IN A 192.168.1.100
> >>
> >> My delegated server (192.168.1.100) has
> >> file named.conf
> >> .........
> >> zone "hosting-test.zeca.maneca" IN {
> >> type master;
> >> file "hosting-test.zeca.maneca.zone";
> >> };
> >> ............
> >>
> >> file hosting-test.zeca.maneca.zone
> >> $ORIGIN hosting-test.zeca.maneca.
> >> $TTL 900 ; 15 minutes
> >> @ IN SOA hosting-test.zeca.maneca. root (
> >> 2004041700 ; serial
> >> 21600 ; refresh (6 hours)
> >> 1800 ; retry (30 minutes)
> >> 604800 ; expire (1 week)
> >> 900 ; minimum (15 minutes)
> >> )
> >> IN A 192.168.1.100
> >> IN NS nameserver.hosting-test.zeca.maneca.
> >> nameserver IN A 192.168.1.100
> >>
> >> #####################################
> >>
> >> When I do:
> >> dig hosting-test.zeca.maneca
> >> ; <<>> DiG 9.2.3 <<>> hosting-test.zeca.maneca
> >> ;; global options: printcmd
> >> ;; Got answer:
> >> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30745
> >> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> >>
> >> ;; QUESTION SECTION:
> >> ;hosting-test.zeca.maneca. IN A
> >>
> >> ;; Query time: 132 msec
> >> ;; SERVER: 192.168.1.5#53(192.168.1.5)
> >> ;; WHEN: Tue Sep 14 17:48:01 2004
> >> ;; MSG SIZE rcvd: 42
> >
> >
> >
> > as I see above 192.168.1.5 is authoritative for a zeca.maneca zone (btw,
> > what is this :-) ). You asked about A record (default) for
> > hosting-test.zeca.maneca which is not defined in the file, you have
> > defined only the NS record. that's why you see NXDOMAIN answer
> >
> >>
> >> ###################################
> >>
> >> and when I do:
> >> dig hosting-test.zeca.maneca @192.168.1.100
> >> ; <<>> DiG 9.2.3 <<>> hosting-test.zeca.maneca @192.168.1.100
> >> ;; global options: printcmd
> >> ;; Got answer:
> >> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25929
> >> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
> >>
> >> ;; QUESTION SECTION:
> >> ;hosting-test.zeca.maneca. IN A
> >>
> >> ;; ANSWER SECTION:
> >> hosting-test.zeca.maneca. 900 IN A 192.168.1.100
> >>
> >> ;; AUTHORITY SECTION:
> >> hosting-test.zeca.maneca. 900 IN NS
> >> nameserver.hosting-test.zeca.maneca.
> >>
> >> ;; ADDITIONAL SECTION:
> >> nameserver.hosting-test.zeca.maneca. 900 IN A 192.168.1.100
> >>
> >> ;; Query time: 12 msec
> >> ;; SERVER: 192.168.1.100#53(192.168.1.100)
> >> ;; WHEN: Tue Sep 14 17:48:09 2004
> >> ;; MSG SIZE rcvd: 99
> >>
> >
> > on the other hand 192.168.1.100 is authoritative for
> > hosting-test.zeca.maneca and you have defined the A records for
> > nameserver.hosting-test.zeca.maneca. thus you see what you see.
> >
> > If you want to delegate from 192.168.1.5 hosting-test.zeca.maneca to
> > 192.168.1.5 you have to mention in the zeca.maneca.db on
> > 192.168.1.5 the following
> >
> > hosting-test IN NS nameserver.hosting-test.zeca.maneca.
> > nameserver.hosting-test.zeca.maneca. IN A 192.168.1.100
> >
> > you should always have more than one NS record (more than one
> > nameserver)..
> >
> >> What I'm missing here? any hints are very welcome
> >>
> >> Best regards
> >> Jose Nuno Neto
> >>
> >>
> >>
> >
>
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
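
The condition Mark describes (a master zone that delegates a child while still inheriting the global forwarders) can be checked for mechanically. The sketch below is an added example, not part of the thread or of BIND: it flags such zones in a named.conf. The options block, the 192.0.2.53 forwarder and all function names are assumptions; views and apex owners written as absolute names are not handled.

```python
import re

def block_after(text, pos):  # body of the first {...} at or after pos, nesting-aware
    start = text.index("{", pos)
    depth = 0
    for i in range(start, len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return text[start + 1:i]
    raise ValueError("unbalanced braces")

def delegated_children(zone_text):  # owners other than '@' that carry NS records
    children, owner = set(), "@"
    for line in zone_text.splitlines():
        line = line.split(";")[0]                  # drop zone-file comments
        fields = line.split()
        if not fields or fields[0].startswith("$"):
            continue                               # blank line or $ORIGIN/$TTL
        if not line[0].isspace():                  # owner name starts in column 0
            owner = fields.pop(0)
        if "NS" in fields and owner != "@":
            children.add(owner)
    return children

def zones_needing_override(named_conf, zone_files):  # zones lacking "forwarders { };"
    # Strip /* */, // and # comments so "{ /* empty */ }" reads as an empty list.
    conf = re.sub(r"/\*.*?\*/|(//|#)[^\n]*", "", named_conf, flags=re.S)
    opts = re.search(r"\boptions\b", conf)
    if not (opts and re.search(r"\bforwarders\s*\{\s*[^}\s]",
                               block_after(conf, opts.end()))):
        return []                                  # no global forwarders to override
    flagged = []
    for m in re.finditer(r'\bzone\s+"([^"]+)"', conf):
        body = block_after(conf, m.end())
        if (re.search(r"\btype\s+master\b", body)
                and not re.search(r"\bforwarders\s*\{\s*\}", body)
                and delegated_children(zone_files.get(m.group(1), ""))):
            flagged.append(m.group(1))
    return flagged

# Constructed sample: the options block and 192.0.2.53 are assumptions;
# the zone statement and records follow the ones quoted in the thread.
OPTIONS = 'options { forwarders { 192.0.2.53; }; };\n'
ZONE = 'zone "zeca.maneca" { type master; notify no; file "zeca.maneca.db"; %s};\n'
ZONE_FILES = {"zeca.maneca": """@ IN SOA zeca.maneca. root ( 2004041700 21600 1800 604800 900 )
    IN NS jimi.liber4e.zapto.org.
hosting-test IN NS nameserver.hosting-test.zeca.maneca.
nameserver.hosting-test.zeca.maneca. IN A 192.168.1.100
"""}
BEFORE = OPTIONS + ZONE % ""
AFTER = OPTIONS + ZONE % "forwarders { /* empty */ } ; "
```

`zones_needing_override(BEFORE, ZONE_FILES)` reports `zeca.maneca`; with the empty `forwarders` statement added (`AFTER`) the list is empty.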