3rd tier & 4th tier domains
Kevin Darcy
kcd at daimlerchrysler.com
Thu Nov 17 20:16:00 UTC 2005
The delegation tree is hierarchical. Once you delegate mxx.yyy.com, then
things underneath it, e.g. td3.mxx.yyy.com can only be delegated
*from*that*zone*, not anywhere else. And the converse is also true, if
td3.mxx.yyy.com is delegated from the root zone, then it's incompatible
with an intermediate delegation to mxx.yyy.com.
- Kevin
spamabyss at charter.net wrote:
>I'm having trouble configuring an internal root server. My problem is
>that we utilize 3rd and 4th tier domain names, and is rejected on
>startup. I'm hoping the solution is that I do not have to change the
>3rd tier zone to be a 4th tier zone also, since this is enterprise wide
>and has existed successfully for many years now. I would appreciate
>any comments/suggestions, heck - even flames :-). For example, for
>customer dns we have zones
>
>d04.mxx.yyy.com
>d01.mxx.yyy.com
>td3.mxx.yyy.com
>
>but for our internal infrastructure we place our devices in zone
>
>mxx.yyy.com
>
>so in /usr/local/named1/var/named we have
>
>db.d04.mxx.yyy.com
>db.mxx.yyy.com
>
>/usr/local/named2/var/named
>db.d01.mxx.yyy.com
>db.mxx.yyy.com
>
>/usr/local/named3/var/named
>db.td3.mxx.yy.com
>db.mxx.yyy.com
>
>
>and works fine for each individual nameserver.
>
>But we need a localhost internal root nameserver that can resolve to
>various customer domains as well as our infrastructure zones, but bind
>will only search either the 4th tier or third tier, or just fail to use
>the db.root if I include both there
>
>//named.conf
>
>options {
> directory "/usr/local/named0/var/named";
> listen-on { 127.0.0.1; };
> pid-file "/usr/local/named0/var/run/named.pid";
>};
>zone "." IN {
> type master;
> file "db.root";
>};
>zone "localhost" IN {
> type master;
> file "fwd.localhost";
>};
>zone "0.0.127.in-addr.arpa" IN {
> type master;
> file "localhost.rev";
>};
>
>=========================================
>
>;db.root
>
>. IN SOA localhost. root.localhost. (
> 2005111501 ; serial
> 3H ; refresh
> 15 ; retry
> 1w ; expire
> 3h ; minimum
> )
>
> IN NS localhost.
>
>
>td3.mxx.yyy.com. 9999999 IN NS crytd3-ic1.mxx.yyy.com.
>d01.mxx.yyy.com. 9999999 IN NS crytd3-ic1a.mxx.yyy.com.
>d04.mxx.yyy.com. 9999999 IN NS crytd3-ic1b.mxx.yyy.com.
>
>; When commented out, the db.root file is loaded and I can resolve the 4th tier zones
>; If I uncomment these, I get non-glue records error and db.root does not load.
>;mxx.yyy.com. 9999999 IN NS crytd3-ic1.mxx.yyy.com.
>; 9999999 IN NS crytd3-ic1a.mxx.yyy.com.
>; 9999999 IN NS crytd3-ic1b.mxx.yyy.com.
>;
>
>crytd3-ic1.mxx.yyy.com. 9999999 IN A 189.74.76.22
>crytd3-ic1a.mxx.yyy.com. 9999999 IN A 189.74.76.52
>crytd3-ic1b.mxx.yyy.com. 9999999 IN A 189.74.76.55
>
>$INCLUDE rev.td3.mso.mci.com
>$INCLUDE rev.d01.mso.mci.com
>$INCLUDE rev.d04.mso.mci.com
>
>
>Please let me know if I need to provide more info. I think it is
>enough for someone to tell me what I don't want to hear :-) I just
>didn't want to clutter it up with more than necessary.
>TIA!!
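
The rule stated in the reply above, as an added example that is not part of the original thread and is not BIND's own loader logic: a small Python check that reads the NS records in a parent zone file and reports any delegation that sits below another delegation in the same file. The one-record-per-line parser and the sample data (built from the names in the post) are assumptions made for the illustration.

```python
# Added example, not from the thread: find delegations nested under another
# delegation in the same zone file (the conflict described in the reply).

def labels(name):
    """Lowercase labels of a domain name; the root "." gives []."""
    return [l for l in name.lower().rstrip(".").split(".") if l]

def is_below(name, ancestor):
    """True if name is a strict descendant of ancestor."""
    n, a = labels(name), labels(ancestor)
    return len(n) > len(a) and (not a or n[-len(a):] == a)

def parse_records(text):
    """Assumed simplified format: 'owner ttl IN type rdata', ';' = comment."""
    records = []
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()
        if len(fields) == 5 and fields[2].upper() == "IN":
            records.append((fields[0].lower(), fields[3].upper(), fields[4]))
    return records

def nested_delegations(origin, records):
    """Pairs (child_cut, parent_cut): child_cut may only be delegated
    from the parent_cut zone, not from the zone at origin."""
    cuts = sorted({owner for owner, rtype, _ in records
                   if rtype == "NS" and is_below(owner, origin)})
    return [(c, p) for c in cuts for p in cuts if is_below(c, p)]

# Constructed sample using the names from the post (mxx line commented out).
AS_POSTED = """\
td3.mxx.yyy.com. 9999999 IN NS crytd3-ic1.mxx.yyy.com.
d01.mxx.yyy.com. 9999999 IN NS crytd3-ic1a.mxx.yyy.com.
d04.mxx.yyy.com. 9999999 IN NS crytd3-ic1b.mxx.yyy.com.
;mxx.yyy.com. 9999999 IN NS crytd3-ic1.mxx.yyy.com.
crytd3-ic1.mxx.yyy.com. 9999999 IN A 189.74.76.22
"""
# Same file with the third-tier delegation uncommented.
UNCOMMENTED = AS_POSTED.replace(";mxx", "mxx")

if __name__ == "__main__":
    for label, text in (("as posted", AS_POSTED), ("uncommented", UNCOMMENTED)):
        found = nested_delegations(".", parse_records(text))
        print(label, "->", "no nested delegations" if not found else "")
        for child, parent in found:
            print(f"  {child} is below the cut at {parent}; delegate it from there")
```

Each reported pair names the zone that has to carry the delegation: the fourth-tier NS records belong in the mxx.yyy.com zone data, and the root zone delegates only mxx.yyy.com.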