Why is Bind 9 refusing these delegations?

Mark_Andrews at isc.org Mark_Andrews at isc.org
Mon Jan 27 00:45:15 UTC 2003 

> I am trying to inform a Bind 9.2.1 used mainly as a local cache/forwarder
> about the existence of a special zone in my LAN for some local
> purposes, with subdomains delegations to another local nameserver 
> (not Bind).
> 
> In particular, I want to define a zone "a" in ns1 and delegate "b.a" 
> to another server ns2.  So the file for zone "a" contains for instance:
> 
> @    IN  SOA  (...)
> @    IN  NS   ns1
> ns1  IN  A    192.168.1.1
> ns2  IN  A    192.168.1.2
> b    IN  NS   ns2
> 
> I load the zone.  dig tells me that the two A records have been loaded
> regularly, however:
> 
> # dig ns b.a
> ;; QUESTION SECTION:
> ;b.a.                           IN      NS
> ;; Query time: 13 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> 
> The delegation record has not been loaded.  This works in Bind 8
> but not in Bind 9.  Evidently Bind 9 does additional checks and
> discards the record -- but it does not report anything in the logs,
> at least in the most obvious categories.
> 
> I have been banging my head for two days now without any success.
> Before going back to Bind 8 or trying other ways to achieve the
> same effect, is there any kind soul to enlighten me on what is 
> happening and why?
> 
> Thanks
> 
> --
> furio ercolessi

	Bind 9 will give *different* answers to recursive and
	non-recursive queries.  The non-recursive answer will come
	from its zone data.  The recursive answer will come from
	the server for b.a.

	The first question is "tell me the nameservers for b.a or
	how to find them".  The second question is "tell me the
	nameservers for b.a".

	If named serves any of the parents to b.a and not b.a, it
	will answer the first with a referal (how to find them).
	The second it will follow its referal and get the answer
	from the other server even if it disagrees with the referal
	(there are no NS records).

	BIND 8 didn't have the data structures to do this so you
	always got the answer from the zone data even if it disagreed
	with what the child zone said.

	Mark
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org

More information about the bind-users mailing list