Problem with zone delegation with private gTLD

Kevin Darcy kevin.darcy at fcagroup.com
Mon Apr 8 17:05:45 UTC 2019 

If you're doing stuff at really small scale, you can just define your own
root zone and put all of the records into it, including records in the
"phishing" subdomain, and any reverse records you care about (in the
"in-addr.arpa" and/or "ip6.arpa" subdomains). For that matter, if you only
have 1 BIND instance, you don't need to worry about recursion or
master/slave replication. BIND might complain if you only have 1 NS record
associated with a given zone name (since the standard says a minimum of 2),
but you could just make up a fictitious nameserver with a fictitious
address, and BIND will quickly figure out that it doesn't exist and stop
trying to use it.


                             - Kevin

On Mon, Apr 8, 2019 at 5:51 AM Karl Lovink via bind-users <
bind-users at lists.isc.org> wrote:

> Hello,
> I am trying to set up a private gTLD with BIND9 and underneath that gTLD
> a subdomain. The subdomain runs on another BIND9 server.
>
> The problem I'am facing is that the BIND9 server of the gTLD gives a
> NXDOMAIN
> for the ns record of the subdomain. If have no clue what is wrong.
>
> Can somebody point me out what is wrong in my configuration.
>
> named.conf snippet
>     view "phishing" {
>         match-clients { phishing_net; };
>         recursion yes;
>
>         zone "lab" {
>                 type master;
>                 file "/etc/bind/gTLD/lab";
>         };
>     };
>
> gTLD lab zone:
>     $TTL 60 ; TTL 60 seconds
>     $ORIGIN lab.
>     @   IN  SOA vdns01.lab. hostmaster.vdns01.mgmt.lab. (
>             2019040801
>             10800
>             3600
>             604800
>             38400 )
>
>         IN  NS  vdns01.lab.
>         IN  MX  mail.lab.
>
>     vdns01          IN  A   192.168.111.200
>     mail            IN  A   192.168.10.103
>
>     $ORIGIN acme.lab.
>     @               IN  NS  ns1.acme.lab.
>                     IN  NS  vdns01.lab.
>     ns1.acme.lab.   IN  A   192.168.10.42
>
>
>
> Greetz,
> Karl
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20190408/f211cfc7/attachment-0001.html>

More information about the bind-users mailing list