Delegation of Authority
David Botham
DBotham at OptimusSolutions.com
Wed Jun 2 12:56:27 UTC 2004
bind-users-bounce at isc.org wrote on 06/02/2004 08:21:43 AM:
>
>
> David Botham wrote:
>
> > In the domain.co.za zone db file, do this:
> >
> > ; Delegate sub.domain.co.za
> > sub IN NS ns1.sub.domain.co.za.
> > sub IN NS ns2.sub.domain.co.za.
> >
> > ; Glue for ns1.sub.domain.co.za and ns2.sub.domain.co.za
> > ns1.sub IN A 10.10.10.1
> > ns2.sub IN A 10.10.10.2
> >
> > The 2 NS RR's are the delegation. Because the two name servers for
the
> > new zone end in the parent's domain name, you must include A RR's for
them
> > in the parent zone file so other name servers can get the IP addresses
for
> > ns1.sub and ns2.sub. If the new name servers are in some other
> > domain/zone, then, it is the responsibility of the other zone's
> > administrator to maintain these A RR's.
>
> I don't think this applies to bind 4.9 but I just struggled with
> this same issue myself. The problem I was having was that I needed
> to turn off forwarders in my master zone.
>
> zone "wmi.com" {
> type master;
> allow-update {
> key DHCP_UPDATER;
> 127.0.0.1;
> 192.168.1.9;
> 192.168.1.18;
> };
> file "wmi.com";
> forwarders {};
> };
>
> It seems forwarders override delegations. At some point I'll break down
No, forwarding does not override delegation. If a name server is
authoritative for a zone, then it will not use forwarders. If a name
server is not authoritative for a zone and does not have the requested
data cached, then it will use its forwarders. Really, the concepts of
forwarders and delegation are not related, however, the resolution process
sort of ties them together...
hth,
Dave...
> and
> turn forwarders off globally.
>
> - Joel
>
More information about the bind-users
mailing list