Subdomain delegation only returns SOA on dig

Prabhat Rana prana9533 at yahoo.com
Tue Mar 30 01:33:03 UTC 2010 

Thanks for the response Kevin. However when I flush the cache and snoop the interface on this recursive DNS I don't see any request going to the nameserver (ns1.nse.spx.net) of the child zone. It appears it is just displaying the output it received from the ns1.spx.net nameserver. I don't have any port 53 connectivity from ns1.spx.net to ns1.nse.spx.net. Would that cause any issues?


--- On Mon, 3/29/10, Kevin Darcy <kcd at chrysler.com> wrote:

> From: Kevin Darcy <kcd at chrysler.com>
> Subject: Re: Subdomain delegation only returns SOA on dig
> To: bind-users at lists.isc.org
> Date: Monday, March 29, 2010, 4:56 PM
> The nameserver is recursive (RA in
> the header of the response means 
> "Recursion Available"). It recursed to the nameservers of
> the child 
> zone, which returned NXDOMAIN for the name mil.nse.spx.net,
> and it 
> passed that answer back.
> 
> Everything is working the way it is supposed to, including
> your new 
> delegation.
> 
> If you want to see a referral response from the same
> nameserver, try a 
> non-recursive query, e.g. dig +norec, against an empty
> cache.
> 
>                
>                
>                
>                
>          
>                
>                
>                
>              -
> Kevin
> 
> On 3/29/2010 3:34 PM, Prabhat Rana wrote:
> > Hello all,
> > I'm running BIND 9.6.1-P1 on a Solaris box. This DNS
> (ns1.spx.net) is authoritative to domain spx.net (this is
> just example). And I'm trying to delegate nse.spx.net to
> ns1.nse.spx.net. I think I have configured correctly but
> when I run a dig from a different DNS node for a subdoamin
> within nse.spx.net like mil.nse.spx.net, it responds only
> SOA in the Auth section. Its missing the NS from the zone
> files. The snapshot of my named.conf file
> >
> > zone "spx.net" {
> >          type master;
> >          file
> "/opt/named/db.spx.net";
> > };
> >
> > zone "nse.spx.net" {
> >          type master;
> >          file
> "/opt/named/db.nse.spx.net";
> > };
> >
> >
> > Here are the snapshot of consecutive zone files
> > $ttl 38400
> > spx.net.     IN   
>   SOA     ns1.spx.net. ns2.spx.net.
> (
> >               
>           1189784076
> >               
>           86400
> >               
>           3600
> >               
>           604800
> >               
>           38400 )
> > spx.net.     IN   
>   NS      ns1
> > spx.net.     IN   
>   NS      ns2
> > ns2.spxdns.net. IN      A   
>    10.1.2.3
> > ns1.spxdns.net. IN      A   
>    10.4.5.6
> > ns1.nse.spx.net. IN        A 
>   10.7.8.9
> > ;there are other entries here
> > $ORIGIN nse.spx.net.
> > @      IN      NS 
>     ns1.nse.spx.net.
> >
> >
> > And the 2nd zone file for submdomain nse.spx.net
> > $TTL 3600       ; 1 hour
> > @             
>          IN SOA 
> ns1.nse.spx.net<email>  (
> >               
>                
>   2008081812 ; serial
> >               
>                
>   1800       ; refresh (30
> minutes)
> >               
>                
>   900        ; retry (15 minutes)
> >               
>                
>   604800     ; expire (1 week)
> >               
>                
>   3600       ; minimum (1
> hour)
> >               
>                
>   )
> > ;
> > nse.spx.net.     
>    IN      NS   
>   ns1.nse.spx.net.
> > ns1.nse.spx.net.   IN   
>   A       10.25.130.75
> >
> >
> > Now when I run a dig for say mml.nse.spx.net I get
> only the SOA of the above zone file and no NS information
> that the query is being delegated to.
> > #dig @ns1.spx.net mil.nse.spx.net
> > ;<<>>  DiG
> 9.6.1-P1<<>>  @ns1.spx.net
> mil.nse.spxdns.net
> > ; (1 server found)
> > ;; global options: +cmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status:
> NXDOMAIN, id: 1717
> > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY:
> 1, ADDITIONAL: 0
> >
> > ;; QUESTION SECTION:
> > ;mil.nse.spxdns.net.         
>   IN      A
> >
> > ;; AUTHORITY SECTION:
> > nse.spx.net.     
>    3600    IN     
> SOA  ns1.nse.spx.net<email>    .
> 2008081812 1800 900 604800 3600
> >
> > ;; Query time: 3 msec
> > ;; SERVER: ns1.spx.net#53(10.1.2.3)
> > ;; WHEN: Mon Mar 29 19:26:45 2010
> > ;; MSG SIZE  rcvd: 108
> >
> > How would the querying DNS find out about the
> nameserver that this subdomain is being delegated to? Why
> the query answer doesn't include NS sections. I've tried to
> change few things but nothing works. The only information I
> get is SOA and no NS in the AUTHORITY SECTION.
> >
> > Any help would be much appreciated.
> >
> > Thanks
> > Prabhat.
> >
> >
> >
> >
> >
> >
> > _______________________________________________
> > bind-users mailing list
> > bind-users at lists.isc.org
> > https://lists.isc.org/mailman/listinfo/bind-users
> >
> >
> >
> >    
> 
> 
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>

More information about the bind-users mailing list