delegating NS control of subdomain to another BIND

David Kirk david at kirks.org
Fri Jul 20 22:27:01 UTC 2001


You need to have glue records in the parent domain file, so that the
delegation works properly.

Basically, you'd need the following in your parent domain (assuming parent
zone of madduck.net for example's sake) ...

In MADDUCK.NET ...

; delegation of the subdomain, plus glue A records for its name servers
subdomain         IN        NS        ns1.subdomain.madduck.net.
subdomain         IN        NS        ns2.subdomain.madduck.net.
ns1.subdomain     IN        A         192.168.14.13
ns2.subdomain     IN        A         192.168.14.14

... and then have all of your appropriate entries in the
subdomain.madduck.net zone.  This is needed due to the hierarchical nature
of DNS, and since you are delegating the subdomain to servers that live in
that subdomain, you need to make sure that there is a logical path via DNS
to those servers, thus served by the glue records (the two A records above).

If you do the above, everything should work for you, unless I'm missing
something really basic..

Thanks,

dave



MaD dUCK wrote:

> ... and i really thought i was down with BIND8/9...
>
> i can't seem to find a solution to the following problem:
> (sorry for the sizely post...)
>
> mydomain.org is handled by ns{1,2}.mydomain.org.
> so ns1.mydomain.org has a zone for mydomain.org, with an entry
>   mydomain.org IN NS ns1.mydomain.org
> and ns2.mydomain.org slaves this zone.
>
> now i would like to create a new zone, subdomain.mydomain.org,
> and i want it to be controlled by two separate nameservers,
> ns{1,2}.subdomain.mydomain.org.
>
> i thought that i could simply create an entry
>   subdomain IN NS ns1.subdomain.mydomain.org
>             IN NS ns2.sybdomain.mydomain.org
> within the mydomain.org zone, and then any request to
> subdomain.mydomain.org and its children are delegated to
> ns{1,2}.subdomain.mydomain.org.
>
> the subdomain.mydomain.org zone contains an A record for @ as well as
> A records for ns1 and ns2 plus some other A records for other hosts.
>
> now, from a host that uses ns{1,2}.mydomain.org as its nameservers, i
> am doing the following tests:
>
> ns1.mydomain.org           => 192.168.14.1
> ns2.mydomain.org           => 192.168.14.11
> ns1.subdomain.mydomain.org => 192.168.14.13
> ns2.subdomain.mydomain.org => 192.168.14.14
>
> (1) direct queries against ns{1,2}.subdomain.mydomain.org
>     (this all works for both).
>
>   fishbowl:~> host -t ns subdomain.mydomain.org 192.168.14.13
>   subdomain.mydomain.org         NS      ns2.subdomain.mydomain.org
>   subdomain.mydomain.org         NS      ns1.subdomain.mydomain.org
>
>   fishbowl:~> host subdomain.mydomain.org 192.168.14.13
>   subdomain.mydomain.org         A       192.168.14.21
>
>   fishbowl:~> host ns1.subdomain.mydomain.org 192.168.14.13
>   ns1.subdomain.mydomain.org     A       192.168.14.13
>
>   fishbowl:~> host ns2.subdomain.mydomain.org 192.168.14.13
>   ns2.subdomain.mydomain.org     A       192.168.14.14
>
>   fishbowl:~> host mail.subdomain.mydomain.org 192.168.14.13
>   mail.subdomain.mydomain.org    A       192.168.14.7
>
>           ===> ns{1,2}.subdomain.mydomain.org correctly resolve their
>                zones
>
> (2) queries against ns{1,2}.mydomain.org
>     (this all works for both)
>
>   fishbowl:~> host -t ns mydomain.org 192.168.14.1
>   mydomain.org                   NS      ns1.mydomain.org
>   mydomain.org                   NS      ns2.mydomain.org
>
>   fishbowl:~> host -t ns subdomain.mydomain.org 192.168.14.1
>   subdomain.mydomain.org         NS      ns1.subdomain.mydomain.org
>   subdomain.mydomain.org         NS      ns1.subdomain.mydomain.org
>    !!! subdomain.mydomain.org NS host ns1.subdomain.mydomain.org does
>      not exist
>    !!! subdomain.mydomain.org NS host ns2.subdomain.mydomain.org does
>      not exist
>   subdomain.mydomain.org has lame delegation to
>     ns1.subdomain.mydomain.org
>   subdomain.mydomain.org has lame delegation to
>     ns2.subdomain.mydomain.org
>
>   fishbowl:~> host ns1.subdomain.mydomain.org 192.168.14.1
>   ns1.subdomain.home.madduck.net does not exist (Authoritative answer)
>
>   fishbowl:~> host mail.subdomain.mydomain.org 192.168.14.1
>   ns2.subdomain.home.madduck.net does not exist (Authoritative answer)
>
> do you have any ideas how i can configure this?
>
> thanks,
> martin;              (greetings from the heart of the sun.)
>   \____ echo mailto: !#^."<*>"|tr "<*> mailto:" net at madduck
> --
> click the start menu and select 'shut down.'
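
A minimal check for the condition discussed in this thread, as an added example that is not part of the original posts: it scans a parent-zone fragment for delegations whose name servers sit inside the delegated subdomain and reports those with no A/AAAA glue. The function names and the sample zone text are constructed for illustration, and the parser assumes simple one-line records.

```python
# Added example (not from the original thread): report delegations whose
# in-zone name servers have no glue address records in the parent zone.
# Simplified parser: one record per line, no TTLs, $ORIGIN or parentheses.

def fqdn(name, origin):
    """Expand a zone-file name to a lower-case absolute name."""
    if name == "@":
        return origin
    name = name.lower()
    return name if name.endswith(".") else name + "." + origin

def parse_records(zone_text, origin):
    """Return (owner, type, rdata) tuples; NS targets are made absolute."""
    records, owner = [], origin
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0]            # drop zone-file comments
        fields = line.split()
        if not fields:
            continue
        if not line[0].isspace():              # new owner; else inherit previous
            owner = fqdn(fields.pop(0), origin)
        fields = [f for f in fields if f.upper() != "IN"]
        rtype, rdata = fields[0].upper(), fields[1]
        records.append((owner, rtype, fqdn(rdata, origin) if rtype == "NS" else rdata))
    return records

def missing_glue(zone_text, origin):
    """List (delegated zone, name server) pairs that need glue but have none."""
    origin = origin.lower().rstrip(".") + "."
    records = parse_records(zone_text, origin)
    have_addr = {o for o, t, _ in records if t in ("A", "AAAA")}
    return [(o, ns) for o, t, ns in records
            if t == "NS" and o != origin               # delegation, not apex NS
            and (ns == o or ns.endswith("." + o))      # server lives inside the child
            and ns not in have_addr]

# Constructed parent-zone fragments for madduck.net (addresses from the thread).
NS_ONLY = """\
subdomain  IN NS ns1.subdomain.madduck.net.
           IN NS ns2.subdomain.madduck.net.
"""
WITH_GLUE = NS_ONLY + """\
ns1.subdomain IN A 192.168.14.13
ns2.subdomain IN A 192.168.14.14
"""

if __name__ == "__main__":
    for label, zone in (("NS only", NS_ONLY), ("with glue", WITH_GLUE)):
        print(label, "->", missing_glue(zone, "madduck.net") or "ok")
```

Name servers outside the delegated subdomain are not reported, since the parent zone does not need glue for them.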


