more on delegating subdomain

Matt Kehler mkehler at wrha.mb.ca
Fri Feb 14 21:21:47 UTC 2003 

I'm not sure what you mean. Our primary internal nameserver
(wrha001ns04) DOES do some forwarding to other domains.  It IS
authoritative for wrha.mb.ca.  

Basically..we have 2 bind servers internally for name resolution,
anything they can't resolve they forward to internet accessible
nameservers. we created a subdomain of ad.wrha.mb.ca to handle our win2k
implementation.  Since everything on our network points to our 2 name
servers...we just figured we would add ad.wrha.mb.ca, delegate it to a
win2k dns server, and away we go.  

It seemed as though simply adding the proper entries within our
wrha.mb.ca zone file to delegate the ad subdomain to the win2k server
was all we had to do.

I think that makes sense...:)

thx
Matt


Matt Kehler
Senior Network Analyst
Winnipeg Regional Health Authority
mkehler at wrha.mb.ca 
ph  204.926.7069
fax 204.943.8014

>>> Kevin Darcy <kcd at daimlerchrysler.com> 02/14/03 15:27 PM >>>
Ah, I understand now.

Are you using forwarding, by any chance? Any nameserver which is
authoritative for wrha.mb.ca but *not* authoritative for ad.wrha.mb.ca
will
forward queries (instead of following the delegation), if that is its
default behavior for resolving names outside of its authoritative zones.


- Kevin

Matt Kehler wrote:

> What I meant was that running tcpdump on wrha001ad01 nothing ever
comes
> into that nameserver at all. I'm not sure why.
>
> Matt
>
> >>> Kevin Darcy <kcd at daimlerchrysler.com> 02/14/03 15:06 PM >>>
> Matt Kehler wrote:
>
> > I am resending this as we had a email issue last night and some
stuff
> > was lost.   I'm trying to delegate a subdomain..its not working.  I
do
> > not see the requests go out of my primary domain nameserver.  I'm
> using
> > bind9.2.latest.  Snip of my domain zone data file is below from my
> > primary NS server, wrha001ns04 for the wrha.mb.ca domain, and trying
> to
> > delegate the ad.wrha.mb.ca subdomain off to the nameserver
wrha001ad01
> > (at 172.19.40.21)  .  is the below not correct?
> >
> > >>>>>>>>>>>>>
> > [root at wrha001ns04 etc]# cat wrha.mb.ca.hosts.internal
> > $ttl 38400
> > wrha.mb.ca.     IN      SOA     wrha001ns04. root (
> >                         1030053590
> >                         10800
> >                         3600
> >                         604800
> >                         38400 )
> > wrha.mb.ca.     IN      NS      wrha001ns04.
> > ad.wrha.mb.ca.  IN      NS      wrha001ad01.ad.wrha.mb.ca.
> > home.wrha.mb.ca.        IN      A       172.19.40.30
> > proxy.wrha.mb.ca.       IN      A       172.19.40.5
> > wrha1_srv.wrha.mb.ca.   IN      A       172.19.40.10
> > apps.wrha.mb.ca.        IN      A       172.19.40.19
> > wrha001ad01.ad.wrha.mb.ca.      IN      A       172.19.40.21
>
> Why would you expect to see requests "go out of your primary domain
> nameserver"? Presumably by this you mean the wrha001ns04 nameserver.
> Since
> you've delegated ad.wrha.mb.ca to the nameserver
> wrha001ad01.ad.wrha.mb.ca, queries for anything in that zone would go
to
> that nameserver instead.
>
> - Kevin

More information about the bind-users mailing list