Delegation of in-addr.arpa.

Kevin Darcy kcd at daimlerchrysler.com
Wed Jan 10 00:51:44 UTC 2001


Do the *reverse* zones have WINS records in them? I thought they were only in
forward zones. Perhaps you could just be a slave to the reverse zones, since those
are the only ones which (you say) are problematic.

Failing that, I think you're at an impasse, since I don't think you can do what you
want with BIND 4.9.7. You should upgrade to BIND 8.2.2-p7 and then you can cancel
forwarding for all of 98.10.in-addr.arpa (or, if you wish, for all of
10.in-addr.arpa) using the "forwarders { };" construct.

Be aware, though, that BIND 8 won't allow you to delegate *outside* of your zone,
as you have done here. Once it realizes that you have delegated lev1.myinternal.com
it will loudly reject the delegation of lev2.lev1.myinternal.com, complaining that
it is "out of zone data". Only linux.lev1.myinternal.com should be allowed to
delegate lev2.lev1.myinternal.com. That's what delegation *means*, after
all: giving up control to some other server(s).


- Kevin

Manjeet Rekhi wrote:

> Hello Admins,
>
> We have an internal DNS server running on HP (v4.9.7) which is also a primary
> root server. We also need to resolve external hosts
> so we have a forwarders option which is pointing to our gateway server (which
> doesn't know about internal hosts). The setup is working OK until ...
>
> We delegated a subdomain (lev1.myinternal.com) to a linux server with address
> space 10.98.60.x. This linux server, in turn has delegated
> a sub domain (lev2.lev1.myinternal.com) to an NT server running WINS and DNS
> with address space 10.98.61.x
>
> Our db.myinternal entries are (for delegation) :
>
> lev1 86400 IN NS linux.lev1.myinternal.com.
> linux.lev1.myinternal.com. 86400 IN A 10.98.60.11
> lev2.lev1 86400 IN NS nt.lev2.lev1.myinternal.com.
> nt.lev2.lev1.myinternal.com. 86400 IN A 10.98.61.12
>
> Our db.in-addr.10 entries for delegation are:
>
> 60.98.10.in-addr.arpa. IN NS linux.lev1.myinternal.com.
> 61.98.10.in-addr.arpa. IN NS nt.lev2.lev1.myinternal.com.
>
> With this setup, my forward name resolution works fine with HP connecting
> directly to linux (or NT) if query is for a host in any sub-domain.
> However, when I perform a reverse lookup for one of the addresses in the
> sub-domains, I see in the debug log that HP connects to the gateway
> (which doesn't know about internal hosts and IPs) instead of connecting to linux
> or NT (as the case may be). I also found that if I remove the forwarding
> option, the queries work fine both ways. But we need to retain the forwarding
> functionality to resolve external hostnames.
>
> What do I need to change to make my setup work? I can provide more details if
> required. I was thinking of making HP secondary for its own sub-domains
> (both forward and reverse) but NT has WINS as well and DNS+WINS don't mix well
> with HP.
>
> Thanks in advance
> ...Manjeet
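
The out-of-zone rule from the reply, as an added example (not part of the original post and not BIND's own loader): a simplified Python model that rejects any record below a zone cut unless it is address glue for that cut's NS target, run over the db.myinternal lines quoted above. The function names and the exact glue rule are assumptions of this sketch.

```python
# Added example: simplified model of "out of zone data" below a delegation.
ORIGIN = "myinternal.com."
ZONE_TEXT = """\
lev1 86400 IN NS linux.lev1.myinternal.com.
linux.lev1.myinternal.com. 86400 IN A 10.98.60.11
lev2.lev1 86400 IN NS nt.lev2.lev1.myinternal.com.
nt.lev2.lev1.myinternal.com. 86400 IN A 10.98.61.12
"""  # the db.myinternal delegation records quoted in the post

def fqdn(name, origin=ORIGIN):
    """Expand a relative name against the zone origin, lowercased."""
    name = name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def parse(text, origin=ORIGIN):
    """Parse 'owner [ttl] IN type rdata' lines into (owner, type, rdata)."""
    records = []
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()
        if len(fields) > 1 and fields[1].isdigit():
            del fields[1]                      # drop the optional TTL
        if len(fields) >= 4 and fields[1].upper() == "IN":
            records.append((fqdn(fields[0], origin), fields[2].upper(),
                            " ".join(fields[3:])))
    return records

def is_below(name, cut):
    """True if name is a strict, label-aligned descendant of cut."""
    return name != cut and name.endswith("." + cut)

def audit(records, origin=ORIGIN):
    """Split records into (accepted, rejected) around the zone cuts."""
    ns_owners = sorted({o for o, t, _ in records if t == "NS" and o != origin},
                       key=lambda n: n.count("."))
    cuts = []
    for owner in ns_owners:                    # shallowest delegation first
        if not any(is_below(owner, c) for c in cuts):
            cuts.append(owner)                 # a cut under a cut is not ours
    glue = {fqdn(r, origin) for o, t, r in records if t == "NS" and o in cuts}
    accepted, rejected = [], []
    for rec in records:
        owner, rtype, _ = rec
        below = any(is_below(owner, c) for c in cuts)
        ok = not below or (rtype in ("A", "AAAA") and owner in glue)
        (accepted if ok else rejected).append(rec)
    return accepted, rejected

if __name__ == "__main__":
    for owner, rtype, rdata in audit(parse(ZONE_TEXT))[1]:
        print(f"out of zone data: {owner} {rtype} {rdata}")
```

In this model the lev2.lev1 NS record and its nt.lev2.lev1 address are both rejected, while the linux.lev1 glue is kept; the two in-addr.arpa delegations from the post pass, since neither sits below the other.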





