3rd tier & 4th tier domains
spamabyss at charter.net
Thu Nov 17 18:13:27 UTC 2005
I'm having trouble configuring an internal root server. My problem is
that we utilize 3rd and 4th tier domain names, and is rejected on
startup. I'm hoping the solution is that I do not have to change the
3rd tier zone to be a 4th tier zone also, since this is enterprise wide
and has existed successfully for many years now. I would appreciate
any comments/suggestions, heck - even flames :-). For example, for
customer dns we have zones
d04.mxx.yyy.com
d01.mxx.yyy.com
td3.mxx.yyy.com
but for our internal infrastructure we place our devices in zone
mxx.yyy.com
so in /usr/local/named1/var/named we have
db.d04.mxx.yyy.com
db.mxx.yyy.com
/usr/local/named2/var/named
db.d01.mxx.yyy.com
db.mxx.yyy.com
/usr/local/named3/var/named
db.td3.mxx.yy.com
db.mxx.yyy.com
and works fine for each individual nameserver.
But we need a localhost internal root nameserver that can resolve to
various customer domains as well as our infrastructure zones, but bind
will only search either the 4th tier or third tier, or just fail to use
the db.root if I include both there
//named.conf
options {
directory "/usr/local/named0/var/named";
listen-on { 127.0.0.1; };
pid-file "/usr/local/named0/var/run/named.pid";
};
zone "." IN {
type master;
file "db.root";
};
zone "localhost" IN {
type master;
file "fwd.localhost";
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "localhost.rev";
};
=========================================
;db.root
. IN SOA localhost. root.localhost. (
2005111501 ; serial
3H ; refresh
15 ; retry
1w ; expire
3h ; minimum
)
IN NS localhost.
td3.mxx.yyy.com. 9999999 IN NS crytd3-ic1.mxx.yyy.com.
d01.mxx.yyy.com. 9999999 IN NS crytd3-ic1a.mxx.yyy.com.
d04.mxx.yyy.com. 9999999 IN NS crytd3-ic1b.mxx.yyy.com.
; When commented out, the db.root file is loaded and I can resolve the 4th tier zones
; If I uncomment these, I get non-glue records error and db.root does not load.
;mxx.yyy.com. 9999999 IN NS crytd3-ic1.mxx.yyy.com.
; 9999999 IN NS crytd3-ic1a.mxx.yyy.com.
; 9999999 IN NS crytd3-ic1b.mxx.yyy.com.
;
crytd3-ic1.mxx.yyy.com. 9999999 IN A 189.74.76.22
crytd3-ic1a.mxx.yyy.com. 9999999 IN A 189.74.76.52
crytd3-ic1b.mxx.yyy.com. 9999999 IN A 189.74.76.55
$INCLUDE rev.td3.mso.mci.com
$INCLUDE rev.d01.mso.mci.com
$INCLUDE rev.d04.mso.mci.com
Please let me know if I need to provide more info. I think it is
enough for someone to tell me what I don't want to hear :-) I just
didn't want to clutter it up with more than necessary.
TIA!!
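
An added example, not part of the original post and not BIND's own code: a small Python check that lists records in a parent zone file which sit below a delegation point and are not address (glue) records, the kind of data a "non-glue records" complaint refers to. The sample is constructed from the post's db.root with the mxx.yyy.com NS lines uncommented; the parser is simplified and the function names are hypothetical.

```python
# Added example (not from the post): find records hidden below a zone cut.
GLUE_TYPES = {"A", "AAAA"}  # address records are allowed below a delegation

# Constructed sample: the post's db.root delegations with the mxx.yyy.com
# NS lines uncommented (SOA and $INCLUDE lines left out for brevity).
SAMPLE = """\
.                        IN NS localhost.
td3.mxx.yyy.com. 9999999 IN NS crytd3-ic1.mxx.yyy.com.
d01.mxx.yyy.com. 9999999 IN NS crytd3-ic1a.mxx.yyy.com.
d04.mxx.yyy.com. 9999999 IN NS crytd3-ic1b.mxx.yyy.com.
mxx.yyy.com.     9999999 IN NS crytd3-ic1.mxx.yyy.com.
                 9999999 IN NS crytd3-ic1a.mxx.yyy.com.
                 9999999 IN NS crytd3-ic1b.mxx.yyy.com.
crytd3-ic1.mxx.yyy.com.  9999999 IN A 189.74.76.22
crytd3-ic1a.mxx.yyy.com. 9999999 IN A 189.74.76.52
crytd3-ic1b.mxx.yyy.com. 9999999 IN A 189.74.76.55
"""

def parse(text):
    """Yield (owner, type) for one-line records; a blank owner inherits the last."""
    owner = None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]
        if not line.strip() or line.lstrip().startswith("$"):
            continue
        fields = line.split()
        if not line[0].isspace():
            owner = fields.pop(0).lower()
        # Simplified: skip a numeric TTL and the IN class if present.
        while fields[0].isdigit() or fields[0].upper() == "IN":
            fields.pop(0)
        yield owner, fields[0].upper()

def is_below(name, cut):
    """True when name is a strict descendant of cut (label-wise comparison)."""
    n, c = name.rstrip(".").split("."), cut.rstrip(".").split(".")
    return len(n) > len(c) and n[len(n) - len(c):] == c

def occluded(text, origin="."):
    """Return (owner, type, cut) for non-glue records below a delegation."""
    records = list(parse(text))
    cuts = sorted({o for o, t in records if t == "NS" and o != origin})
    return [(o, t, cut) for o, t in records if t not in GLUE_TYPES
            for cut in cuts if is_below(o, cut)]

if __name__ == "__main__":
    for owner, rtype, cut in occluded(SAMPLE):
        print(f"{owner} {rtype} is below the delegation of {cut}")
```

With the three mxx.yyy.com NS lines removed from the sample, the same check returns an empty list, which matches the case the post reports as loading.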