trouble delegating a subdomain via NS record

John Ratliff jratliff at bluemarble.net
Thu Feb 16 16:51:47 UTC 2017


I thought the missing line meant keep the origin, though I've used this
missing line to add multiple A records to things before, so I don't know
why exactly I was thinking this.

Thanks for the clarification.

<quote who="/dev/rob0">
> On Thu, Feb 16, 2017 at 11:31:55AM -0500, John Ratliff wrote:
>> I’m trying to delegate a subdomain to another BIND server, but
>> when I add the NS record, some of the records stop working. I was
>> hoping someone could help me figure out why.
>
> It's simple.
>
>> Here is a zone file that demonstrates the problem for example.com.
>> It’s running on a CentOS 7 system with BIND 9.9.4. I saw the
>> problem originally on a Debian 8 server with BIND 9.9.5.
>>
>> $TTL 3600
>> @       IN      SOA ns1.example.com. hostmaster.example.com. (
>>                 2017021608      ; serial (yyyymmdd##)
>>                 7200            ; refresh secondary every 2 hours
>>                 3600            ; retry secondary every hour thereafter
>>                 1209600         ; expire w/o update in 14 days.
>>                 3600 )          ; negative cache time of 1 hour
>>
>>         IN NS ipa-test-client.example.com.
>
> The missing owner name on that line says, "Stick with the previous
> owner name for this record."
>
>> idm     IN NS ipa1.example.com.
>
> You changed the owner name here.
>
>>         IN MX 50 spamfw.example.com.
>
> The missing owner name on that line says, "Stick with the previous
> owner name for this record."  Apparently you assumed that a missing
> owner name means "@", the current origin, but that is not so.
>
>>         IN A 10.9.6.54
>
> Likewise.
>
>> ipa-test-client IN A 10.9.6.117
>> ipa1            IN A 10.9.6.118
>>
>> www     IN CNAME example.com.
>> test    IN A 10.9.6.222
>>
>> If I use the zone like this, the MX and A records seem to stop
>> working (I get NXDOMAIN with dig). If I comment out the idm NS
>> line, it starts working again. Other records seem fine. The www and
>> test records resolve, but the CNAME for www does not fully resolve
>> into 10.9.6.117 when the idm NS delegation is in place.
>>
>> Is there a specific place I need to put the NS record for the idm
>> subdomain? Must it go at the end, or be placed after an $ORIGIN
>
> You probably don't want to set $ORIGIN.  When a zone file is read,
> named sets an implicit $ORIGIN to the name of the zone as in the
> named.conf(5) zone statement.
>
>> declaration? I looked at a few guides on the internet, and they
>> didn’t suggest anything like this.
>
> If you're going to use this format (missing owner names) you should
> keep all the same names together.
>
> I suggest always using an owner name on every line.  It might not
> look as pretty, but it is definitely more grep-friendly.
> --
>   http://rob0.nodns4.us/
>   Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:



