dns & subdomains

Melvin Toy mwtoy at home.com
Thu Feb 24 19:16:40 UTC 2000


Hi-

I'm experimenting with DNS in a network using subdomains.  I based a lot
of my information on the book DNS & BIND by Albitz and Liu. I have some
lingering questions and I'm wondering what is the acceptable way in a real
environment.  I have 13 machines: 4 per subdomain and 1 used as a
router. My parent is the following:

    comics.com - 172.16.88.1- 172.16.95.254    255.255.248
    db.comics db.172.16 db.127.0 db.cache

My other 2 subdomains are the following:

avengers.comics.com    172.16.72.1 -172.16.79.254 255.255.248.0
db.avenger db.172.16 db.127.0 db.cache

xmen.comics.com          172.16.80.1 - 172.16.87.254 255.255.248.0
db.xmen db.172.16 db.127.0 db.cache

Each subdomain has a master and slave nameserver. I add the NS and glue
records to the comics.com master nameserver.  Everything works fine. What I
can't do is resolve anything in comics.com from within
avengers.comics.com and xmen.comics.com.  The book is not clear on
this.  It does mention making the master of each subdomain (xmen &
avengers) a slave of the entire zone (comics). Xmen and avenger's master
would have a copy of db.comics.  I can now resolve names in comics from
within xmen and avengers but I can't do a reverse lookup.  I can't just
make each master a slave and have the db.172.16 copied because it would
write over each master's db.172.16.  So is the solution to make each master
a slave for comics.com and not transfer a copy of comic's db.172.16?  Would
this be a valid and viable solution? I could rename each db.172.16 but if I
decide to use h2n it sort of defeats the purpose of using the script.
Another would be to go to each client and add the master nameserver of
comics.com in the clients of xmen and avenger as the 3rd nameserver, but
that causes slow performance and I still wouldn't be able to do a
reverse lookup.  Would you even want to be able to do a reverse lookup
from within each subdomain?

There are probably lots of different solutions but I'm looking for what is
generally the accepted way of doing things in a real environment.

I would appreciate any suggestions and comments.

Thanks
Melvin
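
The db.172.16 collision described in the message, as an added example that is not part of the original post: it lists which in-addr.arpa zones each of the three address ranges spans when the reverse tree is cut at the /16 and at the /24 octet boundary. The function names are made up for this illustration, and cutting at /24 is an assumption of the example, not something the post proposes.

```python
import ipaddress

# Address ranges exactly as given in the post (first and last host).
RANGES = {
    "comics.com": ("172.16.88.1", "172.16.95.254"),
    "avengers.comics.com": ("172.16.72.1", "172.16.79.254"),
    "xmen.comics.com": ("172.16.80.1", "172.16.87.254"),
}

def zone_name(net):
    """in-addr.arpa zone for a network on an octet boundary (/8, /16, /24)."""
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def reverse_zones(first, last, prefixlen):
    """Reverse zones of size /prefixlen needed to cover first..last."""
    if prefixlen not in (8, 16, 24):
        raise ValueError("this sketch only handles octet-boundary zones")
    net = ipaddress.ip_network(f"{first}/{prefixlen}", strict=False)
    end = ipaddress.ip_address(last)
    zones = []
    while net.network_address <= end:
        zones.append(zone_name(net))
        nxt = int(net.broadcast_address) + 1
        if nxt > 0xFFFFFFFF:  # ran off the end of IPv4 space
            break
        net = ipaddress.ip_network((nxt, prefixlen))
    return zones

def contested(prefixlen):
    """Map each reverse zone claimed by more than one domain to its claimants."""
    claims = {}
    for domain, (first, last) in RANGES.items():
        for zone in reverse_zones(first, last, prefixlen):
            claims.setdefault(zone, []).append(domain)
    return {z: sorted(d) for z, d in claims.items() if len(d) > 1}

if __name__ == "__main__":
    print("shared at /16:", contested(16))
    print("shared at /24:", contested(24))
    for domain, (first, last) in RANGES.items():
        print(domain, reverse_zones(first, last, 24))
```

At /16 all three domains land in the single zone 16.172.in-addr.arpa, which is why their db.172.16 files would overwrite one another; at /24 each range maps to eight zones of its own and nothing is shared.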




