domain keys and name-checking

Barry Margolin barmar at alum.mit.edu
Wed Oct 22 03:40:52 UTC 2008 

In article <gdlisr$297t$1 at sf1.isc.org>,
 "aklist" <aklist_bind at enigmedia.com> wrote:

> > aklist wrote:
> >> FWIW: I thought I _wasn't_ delegating the subdomain by including it in 
> >> the
> >> parent zone in my example...nor did I create any NS records for the
> >> subdomain...all I did was append this to the end of the parent zone file 
> >> as
> >> the example shows, but I'm getting the out-of-zone error with this 
> >> config.
> >>
> >> $ORIGIN sub.domain.com.
> >> server      A       aaa.bbb.ccc.42
> >> server      A       aaa.bbb.ddd.12
> >> server      A       aaa.bbb.ddd.13
> >> server      A       aaa.bbb.ddd.14
> >> server      A       aaa.bbb.ddd.15
> >>         MX      10 server
> >
> > Since you continue to submit edited snippets of your zone file instead
> > of the complete/correct ones, we can't tell you what the problem is.
> > If, however, you decide to post the actual contents of your file,
> > someone will be able to see the problem and would have corrected it
> > about 5 message exchanges back.
> >
> > AlanC
> 
> Thanks for your kind words...if you read my original post "5 message 
> exchanges back" you would have seen the complete zone file. 

I haven't seen anything that uses real domains, just bogus domains like 
"parent.com" and "sub.domain.com", and addresses containing non-numbers 
like aaa, bbb, and ccc.  I refuse to believe that this is what's in your 
actual zone file.

If you did actually post a real zone file, it somehow didn't make it 
across the mail-to-news gateway, because I read this group in the 
comp.protocols.dns.bind Usenet newsgroup and I don't see it.

Also, you haven't posted the named.conf file.  The most complete 
facsimile of a zone file starts with:

$TTL 3h
@ IN SOA ns.parent.com. hostmaster.parent.com. (

Since there's no $ORIGIN directive, I can't tell what zone this is.  If 
I had to guess, I'd assume you're defining parent.com.  Then later the 
file contains:

$ORIGIN sub.domain.com.

Since sub.domain.com is not part of the parent.com zone, this would 
explain the "out-of-zone" errors.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***

More information about the bind-users mailing list