Subdomain delegation only returns SOA on dig
Kevin Darcy
kcd at chrysler.com
Mon Mar 29 21:56:11 UTC 2010
The nameserver is recursive (RA in the header of the response means
"Recursion Available"). It recursed to the nameservers of the child
zone, which returned NXDOMAIN for the name mil.nse.spx.net, and it
passed that answer back.
Everything is working the way it is supposed to, including your new
delegation.
If you want to see a referral response from the same nameserver, try a
non-recursive query, e.g. dig +norec, against an empty cache.
- Kevin
On 3/29/2010 3:34 PM, Prabhat Rana wrote:
> Hello all,
> I'm running BIND 9.6.1-P1 on a Solaris box. This DNS (ns1.spx.net) is authoritative to domain spx.net (this is just example). And I'm trying to delegate nse.spx.net to ns1.nse.spx.net. I think I have configured correctly but when I run a dig from a different DNS node for a subdoamin within nse.spx.net like mil.nse.spx.net, it responds only SOA in the Auth section. Its missing the NS from the zone files. The snapshot of my named.conf file
>
> zone "spx.net" {
> type master;
> file "/opt/named/db.spx.net";
> };
>
> zone "nse.spx.net" {
> type master;
> file "/opt/named/db.nse.spx.net";
> };
>
>
> Here are the snapshot of consecutive zone files
> $ttl 38400
> spx.net. IN SOA ns1.spx.net. ns2.spx.net. (
> 1189784076
> 86400
> 3600
> 604800
> 38400 )
> spx.net. IN NS ns1
> spx.net. IN NS ns2
> ns2.spxdns.net. IN A 10.1.2.3
> ns1.spxdns.net. IN A 10.4.5.6
> ns1.nse.spx.net. IN A 10.7.8.9
> ;there are other entries here
> $ORIGIN nse.spx.net.
> @ IN NS ns1.nse.spx.net.
>
>
> And the 2nd zone file for submdomain nse.spx.net
> $TTL 3600 ; 1 hour
> @ IN SOA ns1.nse.spx.net<email> (
> 2008081812 ; serial
> 1800 ; refresh (30 minutes)
> 900 ; retry (15 minutes)
> 604800 ; expire (1 week)
> 3600 ; minimum (1 hour)
> )
> ;
> nse.spx.net. IN NS ns1.nse.spx.net.
> ns1.nse.spx.net. IN A 10.25.130.75
>
>
> Now when I run a dig for say mml.nse.spx.net I get only the SOA of the above zone file and no NS information that the query is being delegated to.
> #dig @ns1.spx.net mil.nse.spx.net
> ;<<>> DiG 9.6.1-P1<<>> @ns1.spx.net mil.nse.spxdns.net
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1717
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;mil.nse.spxdns.net. IN A
>
> ;; AUTHORITY SECTION:
> nse.spx.net. 3600 IN SOA ns1.nse.spx.net<email> . 2008081812 1800 900 604800 3600
>
> ;; Query time: 3 msec
> ;; SERVER: ns1.spx.net#53(10.1.2.3)
> ;; WHEN: Mon Mar 29 19:26:45 2010
> ;; MSG SIZE rcvd: 108
>
> How would the querying DNS find out about the nameserver that this subdomain is being delegated to? Why the query answer doesn't include NS sections. I've tried to change few things but nothing works. The only information I get is SOA and no NS in the AUTHORITY SECTION.
>
> Any help would be much appreciated.
>
> Thanks
> Prabhat.
>
>
>
>
>
>
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
>
>
>
More information about the bind-users
mailing list