delegation issue

lderuaz at free.fr lderuaz at free.fr
Sat Sep 10 07:56:36 UTC 2005 

hello,

i'm facing a delegation issue for which i need support.

I've got two internal dns servers (dns1 and dns2) for local resolution. These
servers have global forwarders for internet RR resolution (dns_ext1 and
dns_ext2).
These internal dns servers are masters/slave for the domains
"site.country.company.int", "country.company.int", and "company.int"

I want to create a subdomain "proxypac.site.country.company.int", and delegate
it to two new internal dns servers "dns_sub1" and "dns_sub2".

The problem is that when the internal dns servers dns1 or dn2 receive a request
for proxypac.site.country.company.int, instead of asking the servers dns_sub1
or dns_sub2, they forward the request to their global forwarders.

Normally, as dns1/dns2 are master for the domain "site.country.company.int" ,
and as this zone contains the NS related to dns_sub1 and dns_sub2 ,shouldn't
they forward this request (or ask for resolution) to dns_sub1 or dns_sub2 ?


Please find, the extract of the debug file.

PS : i've already implemented such a solution on another site, and it is working
without any problem
PS2 : i've tested this with bind 8.x and 9.x

---------------------------------------------------------------------------------------------
09-Sep-2005 12:08:47.829 default: debug 1: datagram from [client IP].1027, fd
180, len 41
09-Sep-2005 12:08:47.829 proxypacket: debug 3: ns_req(from [client IP].1027)
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2189
;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;;        proxypac.site.country.company.int, type = A, class = IN
09-Sep-2005 12:08:47.829 queries: info: XX+/client
IP/proxypac.site.country.company.int/A/IN
09-Sep-2005 12:08:47.829 default: debug 1: req:
nlookup(proxypac.site.country.company.int) id 2189 type=1 class=1
09-Sep-2005 12:08:47.829 default: debug 1: req: found
'proxypac.site.country.company.int' as 'proxypac.site.country.company.int'
(cname=0)
09-Sep-2005 12:08:47.829 default: debug 3: wanted(0x9091e4, IN A) [IN NS]
09-Sep-2005 12:08:47.829 default: debug 3: wanted(0x909228, IN A) [IN NS]
09-Sep-2005 12:08:47.829 default: debug 5: findns: np 0x959464 'proxypac'
09-Sep-2005 12:08:47.829 default: debug 3: findns: 2 NS's added for 'proxypac'
09-Sep-2005 12:08:47.845 default: debug 3: ns_forw()
09-Sep-2005 12:08:47.845 default: debug 5: qnew(0x995210)
09-Sep-2005 12:08:47.845 config: debug 3:
find_zone(proxypac.site.country.company.int, 1)
09-Sep-2005 12:08:47.845 config: debug 3: find_zone: unknown zone
09-Sep-2005 12:08:47.845 config: debug 3: find_zone(site.country.company.int, 1)
09-Sep-2005 12:08:47.845 config: debug 3: find_zone: existing zone 85
09-Sep-2005 12:08:47.845 config: debug 3: find_zone(country.company.int, 1)
09-Sep-2005 12:08:47.845 config: debug 3: find_zone: existing zone 82
09-Sep-2005 12:08:47.845 config: debug 3: find_zone(company.int, 1)
09-Sep-2005 12:08:47.845 config: debug 3: find_zone: existing zone 80
09-Sep-2005 12:08:47.845 config: debug 3: find_zone(corp, 1)
09-Sep-2005 12:08:47.845 config: debug 3: find_zone: unknown zone
09-Sep-2005 12:08:47.845 config: debug 3: find_zone(., 1)
09-Sep-2005 12:08:47.845 config: debug 3: find_zone: existing zone 77
09-Sep-2005 12:08:47.845 default: debug 2: noforward:
dname=proxypac.site.country.company.int, looking for positive
09-Sep-2005 12:08:47.845 default: debug 2: noforward:
dname=proxypac.site.country.company.int, looking for negative
09-Sep-2005 12:08:47.845 default: debug 4: schedretry(0x995210, 4 sec)
evSetTimer(ctx 0x620050, func 0x419840, uap 0, due 1126260531.000000000, inter
0.000000000)
09-Sep-2005 12:08:47.845 default: debug 1: forw: forw -> [dns_ext1 IP].53 ds=212
nsid=41787 id=2189 69ms retry 4sec
09-Sep-2005 12:08:47.845 default: debug 3: free_nsp:
dns_sub1.site.country.company.int rcnt 1
09-Sep-2005 12:08:47.845 default: debug 3: free_nsp:
dns_sub2.site.country.company.int rcnt 1
pselect(213, 0xb4, 0x130, 0xf5f5f5f5, 3.155000000)
select() returns 1 (err: none)
Dispatch.File: fd 212, mask 0x1, func 0x41e9d0, uap 0
09-Sep-2005 12:08:47.845 default: debug 1: datagram from [dns_ext1 IP].53, fd
212, len 116
09-Sep-2005 12:08:47.845 default: debug 3: qfindid(41787) -> 0x995210
09-Sep-2005 12:08:47.845 default: debug 2: Response (USER NORMAL -) nsid=41787
id=2189
09-Sep-2005 12:08:47.845 default: debug 3: stime 1126260527/829000  now
1126260527/845000 rtt 16
09-Sep-2005 12:08:47.845 default: debug 2: NS #0 addr [dns_ext1 IP].53 used, rtt
53
09-Sep-2005 12:08:47.845 default: debug 2: NS #1 [dns_ext2 IP].53 rtt now 300
09-Sep-2005 12:08:47.845 default: debug 3: rrextract: dname  type 6 class 1 ttl
10701
09-Sep-2005 12:08:47.845 default: debug 5: db_set_update(<NULL>)
09-Sep-2005 12:08:47.845 ncache: debug 1: ncache: dname
proxypac.site.country.company.int, type 1, class 1
09-Sep-2005 12:08:47.845 db: debug 3:
db_update(proxypac.site.country.company.int, 0x99abc0, 0x99abc0, 0, 031,
0x5eeeb4)
09-Sep-2005 12:08:47.845 ncache: debug 1: db_update failed (-5), cache_n_resp()
09-Sep-2005 12:08:47.845 default: debug 3: resp: leaving NO: auth = 0
09-Sep-2005 12:08:47.845 default: debug 1: send_msg -> [client IP].1027 (UDP
180) id=2189

More information about the bind-users mailing list