Can I be a parent for a zone and a slave for a subdomain?

Mathias Körber mathias at koerber.org
Sat Sep 16 16:32:29 UTC 2000 

> But if I delegate a subdomain, the entry in my db file lists the
> nameserver(s) for that delegated domain. So then  how does named =
decide
> where to go?! Won't I get lots of non-authoritative answers for=20
> anything in
> that delegated subdomain if I do it this way?=20

If you are both the parent and slave for the same zone, you parent =
zone's
zonefile will conatin the NS records for the subdomain, one of which =
would
be your own nameserver, right? (Unless you are a stealth secondary, not
listed as NS for the zone...)

In the subdomain's zonefile, you will have the NS records for the =
subdomain
listing its nameservers, again one of which would be your own server.
If someone queried something inside that zone and followed the =
delegation
down, your server would directly answer with the data from the =
subdomain, as
it is uthoritative for that zone...



If the zonetransfer from the master has not happened yet, you will not =
have the
relevant zonefile and not be authoritative for that zone. In that case
your nameserver would return the delegation NS records only..

>                                               Will it check the db =
file
> which has been zone transferred first instead of following the pointer =
to
> the subdomain's name server?=20

yes, the data fro the subdomain's zonefile is more authoritative than =
the
delegation from the parent, so your NS will answer from the subdomain...

                               Is this really the best way to do this? =
What
> about the in-addr.arpa files, won't  I have conflicts with that?=20

I do not see how in-addr.arpa comes into the picture. They are normal =
domains
(in a certain branch of the DNs tree). As long as the reverse DNs =
entries list the
correct names for the relevant nameservers' IP addresses, I do not see =
how being
parent and slave for a domain makes any difference.

> Instead of
> pointing to a nameserver for the delegated zone, they'll have hostname
> entries. Wouldn't it be better to have the subdomains be secondaries =
for

Domains cannot be servers... other servers can !

> each other?



>=20
> Michele Chubirka
> Systems Administrator
> George Washington University
> 202-994-5791
> ----- Original Message -----
> From: "Kevin Darcy" <kcd at daimlerchrysler.com>
> To: <bind-users at isc.org>
> Sent: Friday, September 15, 2000 11:42 PM
> Subject: Re: Can I be a parent for a zone and a slave for a subdomain?
>=20
>=20
> >
> > A subzone delegation, in and of itself, publishes the existence=20
> of a zone
> in
> > the DNS database, but it does not specify who is master and who is =
slave
> for
> > the zone. This is something that needs to be configured "privately" =
into
> the
> > nameservers themselves. In the case of BIND, you configure the
> master/slave
> > distinction and associated parameters in the named.conf file. So no,
> there's no
> > contradiction in delegating a subzone and also being slave for it. =
These
> things
> > are configured in different places and serve different purposes. =
Being a
> master
> > means maintaining the original copy of the zone file; being a=20
> slave means
> you
> > get only a replica of the zonefile through an automated process. =
No-one
> else
> > really knows for sure, or cares, who the slave and who the=20
> master is. All
> the
> > delegation records do is provide enough information so that
> > *some* authoritative (i.e. master *or* slave, it doesn't matter)
> nameserver can
> > be found to answer the queries.
> >
> >
> >
> > - Kevin
> >
> > Michele Chubirka wrote:
> >
> > > I've recently taken over the VERY large task of repairing our zone =
and
> > > upgrading our name server to Bind 8 from 4.97. I'm relatively new =
to
> > > DNS/Bind, but I've been closely studying this list and the=20
> O'Reilly Bind
> > > book.
> > > We have a class B subnet and administer a large domain with many
> subdomains.
> > > What I'm really confused about is that (according to the book and =
the
> > > representatives from ISPs I've spoken to) I understood that if I
> delegated a
> > > subdomain, I only maintained pointers to those domains by =
including
> their
> > > nameservers in my db files for said subdomains.
> > > I have a master and secondary nameserver upon which I make
> changes/updates.
> > > But after closely studying the files and speaking to the =
administrator
> for
> > > one of our subdomains, she indicates that she makes entries for =
her
> domains
> > > and then transfers her zone to my primary nameserver. Is this=20
> correct?!
> How
> > > can I be a Primary for the parent domain and a secondary for one =
of my
> > > subdomains? Wouldn't I have to have two configuration files? Or =
one
> > > indicating that I was primary for the parent zone, but=20
> secondary for the
> > > subdomain/child?
> > > When I look in the configuration file for our zone, the =
subdomain's
> > > nameservers are listed as secondary name servers for my domain, =
BUT
> THEY'RE
> > > MAKING ENTRIES for the subdomains! If they're secondaries,=20
> how can they
> make
> > > entries and be SOA for their subdomains?
> > >
> > > Michele Chubirka
> > > Systems Administrator
> > > George Washington University
> > > 202-994-5791
> >
> >
> >
> >
> >
> >
>=20
>=20
>=20

More information about the bind-users mailing list