domain keys and name-checking
Barry Margolin
barmar at alum.mit.edu
Mon Oct 20 02:38:09 UTC 2008
In article <gddkvk$1cbg$1 at sf1.isc.org>,
"aklist" <aklist_bind at enigmedia.com> wrote:
> >> I do now <g>...I always did it without thinking about why it worked,
> >> because
> >> it worked!
> >
> > Maybe it's time for you to read the "DNS & BIND" book and learn how all
> > this stuff works.
>
> I do have the book, and I've used the examples therein to set up BIND, but I
> didn't read it cover to cover...Cricket said this was OK <g>. Thanks for you
> patience though.
>
> >> but I'm still getting the error above for all the subzone A records?
> >
> > Those records all belong in the zone file for sub.domain.com, not
> > domain.com. That's what "delegating a subzone" means -- the subdomain
> > data is all in its own files on the servers that you've delegated to
> > (the ones named in the NS records).
>
> I understand that, but I was using DNS & BIND's example of "Creating a
> Subdomain in the Parent's Zone"...which doesn't provide much detail...just
> add the origin statment for the subdomain and the subdomain records under
> it.
>
> > If you're using all the same servers for both domain.com and
> > sub.domain.com, you don't need to delegate at all. Get rid of the NS
> > records for sub.domain.com, the "zone" statement in your named.conf, and
> > then you can put these records in the
>
> Oh, I wish you'd finish that statement!
>
> FWIW: I thought I _wasn't_ delegating the subdomain by including it in the
You said "subzone", so I assumed it was delegated. The difference
between a subdomain and a subzone is whether it's delegated.
> parent zone in my example...nor did I create any NS records for the
> subdomain...all I did was append this to the end of the parent zone file as
> the example shows, but I'm getting the out-of-zone error with this config.
There must be something elsewhere in the zone file or named.conf that
tells it that the subdomain is in a separate zone. Otherwise, it
wouldn't complain about out-of-zone data.
Or you've made a typo that makes it look like these new records belong
in a different zone. As the other poster said, if you post the actual
configuration and zone files, we should be able to tell.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
More information about the bind-users
mailing list