problem with ORIGIN definition.

vincent.blondel at ing.be vincent.blondel at ing.be
Wed Feb 27 16:42:35 UTC 2008 

Hello,

Just this mail to ask you about a problem I just dicovered with my dns
infra. I get a dns zone running on a local bind 9.2.3 with a definition
like this

$ORIGIN mydomain.be.
$TTL 3600
@ IN SOA ns.mydomain.be. dnsmaster.mydomain.be. (
                1 ; serial
                21600      ; refresh (6 hours)
                3600       ; retry (1 hour)
                691200     ; expire (1 week 1 day)
                7200       ; minimum (2 hours)
                )

        IN NS   ns1.mydomain.be.
        IN NS   ns2.mydomain.be.

...
...
...

$ORIGIN example.mydomain.be.
@ IN NS ns1.mydomain.be.
@ IN NS ns2.mydomain.be.

$ORIGIN docpay.mydomain.be.
@ IN NS ns1.adomain.nl.
@ IN NS ns2.adomain.nl.

This server is in fact the local master for our public dns area and is
syncing with another bind running 9.4.1-P1 in dmz area. This last server
is really connected on the internet. Synchronization is done simply with
a NOTIFY from internal to dmz server.

This is runnig well execpt I discovered a strange behaviour this
afternoon. 

When I query from local server NS records for docpay.mydomain.be I do
not get any answer but well for example.mydomain.be :

 dig @localhost docpay.mydomain.be in ns
 dig @localhost example.mydomain.be in ns

But when I run these same queries to my dmz server directly from the
internet I do not get any problems. So I receive ns1.adomain.nl and
ns2.adomain.nl as NS records for docpay.mydomain.be. On the other side
when I query NS records for example.mydomain.be I well receive
ns1.mydomain.be and ns2.mydomain.be.

My question is : why do I not get any answer for docpay.mydomain.be when
I query from internal server .. Is this relative to a bug corrected a
long time ago or is this simply due to another behaviour I do not think
about it ??

Many thanks for your help.

Regards
Vincent Blondel 


-----------------------------------------------------------------
ATTENTION:
The information in this electronic mail message is private and
confidential, and only intended for the addressee. Should you
receive this message by mistake, you are hereby notified that
any disclosure, reproduction, distribution or use of this
message is strictly prohibited. Please inform the sender by
reply transmission and delete the message without copying or
opening it.

Messages and attachments are scanned for all viruses known.
If this message contains password-protected attachments, the
files have NOT been scanned for viruses by the ING mail domain.
Always scan attachments before opening them.
-----------------------------------------------------------------

More information about the bind-users mailing list