delegation troubles!
Alexander Varga
vargalexb at yahoo.com
Tue Dec 13 08:21:50 UTC 2005
At first, thanx for the quick answer
... and now some more real data (i just substituted the company part of domain with "xxx")
My dns is 10.110.15.206 nad I download the xxx.com zone from the omnius.psc.xxx.com, which is the
primary DNS for the seccond Intranet
To not have so an amount of zones defined and beeing downloaded by my DNS, the rest of domains are
to be resolved by my DNS throuh delegation, but it seems, delegation isn't working for now.
Here is a part from the xxx.com domain, the named.conf part of the xxx.com domain, and afterwards
a dig of the two subdomains:
#############################################
$ORIGIN xxx.com.
lpm3autoserver NS omnius.psc
NS qip-dns1.psc
NS qip-dns2.psc
ltc NS omnius.psc
NS qip-dns1.psc
NS qip-dns2.psc
#############################################
zone "xxx.com" {
type slave;
file "xxx.com";
masters {170.191.22.20;};
};
#############################################
bash-2.05$ dig @10.110.15.206 lpm3autoserver.xxx.com
; <<>> DiG 8.3 <<>> @10.110.15.206 lpm3autoserver.xxx.com
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;; lpm3autoserver.xxx.com, type = A, class = IN
;; Total query time: 252 msec
;; FROM: test2 to SERVER: 10.110.15.206 10.110.15.206
;; WHEN: Tue Dec 13 08:17:05 2005
;; MSG SIZE sent: 40 rcvd: 40
bash-2.05$ dig @10.110.15.206 ltc.xxx.com
; <<>> DiG 8.3 <<>> @10.110.15.206 ltc.xxx.com
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;; ltc.xxx.com, type = A, class = IN
;; Total query time: 167 msec
;; FROM: test2 to SERVER: 10.110.15.206 10.110.15.206
;; WHEN: Tue Dec 13 08:19:03 2005
;; MSG SIZE sent: 29 rcvd: 29
Barry Margolin wrote:
> In article <dnk0e7$31d2$1 at sf1.isc.org>,
> Alexander Varga <vargalexb at yahoo.com> wrote:
>
>
>>Hello
>>
>>I have troubles forwarding resolve requests in my internal network to the
>>authoritative DNS
>>server. I am running bind-9.2.2 on Solaris9 OS, and what i need:
>>- I, "myns1", am a slave server for a zone "test.com" located on remote
>>"ns1". In that zone are
>>some A, CNAME records as obvious, and are also subzones defined, pointing to
>>different nameservers
>
>
> I'm confused by your examples below. You say "test.com" here, but the
> zone files are for "tst.com". Maybe you wouldn't screw up so much if
> you posted the *real* zone files instead of trying to obscure them.
>
>
>>########################################################
>>"test,com":
>>$ORIGIN test.com.
>>subzone1 NS ns2
>> NS ns3
>> NS ns4
>>subzone2 NS ns2
>>subzone3 NS ns2
>>#########################################################
>>
>>- i download the zone file, but my DNS is not able to forward requests to the
>>appropriate NS (ns2,
>>ns3, ns4)
>>
>>i tryed to test the delegation by defining own zones, but with no good
>>result. is there something
>>I forgot?
>>#######
>>#DNS1:#
>>#######
>>$ORIGIN .
>>$TTL 86400 ; 1 day
>>testnasa.tst.com IN SOA ns1.test.com. root.test.com. (
>> 2005011701 ; serial
>> 10800 ; refresh (3 hours)
>> 3600 ; retry (1 hour)
>> 604800 ; expire (1 week)
>> 86400 ; minimum (1 day)
>> )
>> NS myns1.test.com.
>> NS myns2.test.com.
>>$ORIGIN testnasa.tst.com.
>>test A 10.5.1.93
>>$ORIGIN tmp.testnasa.tst.com.
>> IN NS myns2.test.com.
>>test1 A 10.5.1.95
>>#############################################################################
>>
>>#######
>>#DNS2:#
>>#######
>>$ORIGIN .
>>$TTL 86400 ; 1 day
>>tmp.testnasa.tst.com IN SOA ns2.test.com. root.test.com. (
>> 2005011701 ; serial
>> 10800 ; refresh (3 hours)
>> 3600 ; retry (1 hour)
>> 604800 ; expire (1 week)
>> 86400 ; minimum (1 day)
>> )
>> NS myns1.test.com.
>> NS myns2.test.com.
>>$ORIGIN tmp.testnasa.tst.com.
>>test A 10.5.1.94
>>##############################################################################
>>
>>>set q=ns
>>>test.testnasa.tst.com.
>>
>>Server: myns1.test.com
>>Address: 10.110.15.206
>>
>>*** myns1.test.com can't find test.testnasa.tst.com.: Non-existent domain
>
>
> Don't use nslookup for troubleshooting, use dig. nslookup gives the
> same "non-existent domain" error for both a missing name and when the
> name exists but doesn't have the record type you requested. In this
> case, test.testnasa.tst.com exists, but only has an A record, not NS
> record.
>
>
>>##############################################################################
>>#
>>
>>>set q=ns
>>>tmp.testnasa.tst.com.
>>
>>Server: myns2.test.com
>>Address: 10.110.15.207
>>
>>tmp.testnasa.tst.com nameserver = myns2.test.com
>>myns2.test.com internet address = 10.110.15.207
>>##############################################################################
>>##
>>
>>
>>__________________________________________________
>>Do You Yahoo!?
>>Tired of spam? Yahoo! Mail has the best spam protection around
>>http://mail.yahoo.com
>
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the bind-users
mailing list