3rd tier & 4th tier domains

spamabyss at charter.net spamabyss at charter.net
Thu Nov 17 18:13:27 UTC 2005


I'm having trouble configuring an internal root server.  My problem is
that we utilize 3rd and 4th tier domain names, and is rejected on
startup. I'm hoping the solution is that I do not have to change the
3rd tier zone to be a 4th tier zone also, since this is enterprise wide
and has existed successfully for many years now.  I would appreciate
any comments/suggestions, heck - even flames :-).  For example, for
customer dns we have zones

d04.mxx.yyy.com
d01.mxx.yyy.com
td3.mxx.yyy.com

but for our internal infrastructure we place our devices in zone

mxx.yyy.com

so in /usr/local/named1/var/named we have

db.d04.mxx.yyy.com
db.mxx.yyy.com

/usr/local/named2/var/named
db.d01.mxx.yyy.com
db.mxx.yyy.com

/usr/local/named3/var/named
db.td3.mxx.yy.com
db.mxx.yyy.com


and works fine for each individual nameserver.

But we need a localhost internal root nameserver that can resolve to
various customer domains as well as our infrastructure zones, but bind
will only search either the 4th tier or third tier, or just fail to use
the db.root if I include both there

//named.conf

options {
        directory "/usr/local/named0/var/named";
        listen-on { 127.0.0.1; };
        pid-file "/usr/local/named0/var/run/named.pid";
};
zone "." IN {
   type master;
   file "db.root";
};
zone "localhost" IN {
  type master;
  file "fwd.localhost";
};
zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "localhost.rev";
};

=========================================

;db.root

. IN    SOA localhost. root.localhost. (
                              2005111501 ; serial
                              3H ; refresh
                              15 ; retry
                              1w ; expire
                              3h ; minimum
                             )

   IN  NS localhost.


td3.mxx.yyy.com. 9999999   IN      NS      crytd3-ic1.mxx.yyy.com.
d01.mxx.yyy.com. 9999999   IN      NS      crytd3-ic1a.mxx.yyy.com.
d04.mxx.yyy.com. 9999999   IN      NS      crytd3-ic1b.mxx.yyy.com.

; When commented out, the db.root file is loaded and I can resolve the 4th tier zones
;  If I uncomment these, I get non-glue records error and db.root does not load.
;mxx.yyy.com. 9999999   IN      NS      crytd3-ic1.mxx.yyy.com.
;                      9999999   IN      NS      crytd3-ic1a.mxx.yyy.com.
;                      9999999   IN      NS      crytd3-ic1b.mxx.yyy.com.
;

crytd3-ic1.mxx.yyy.com.    9999999 IN A 189.74.76.22
crytd3-ic1a.mxx.yyy.com.   9999999 IN A 189.74.76.52
crytd3-ic1b.mxx.yyy.com.   9999999 IN A 189.74.76.55

$INCLUDE rev.td3.mso.mci.com
$INCLUDE rev.d01.mso.mci.com
$INCLUDE rev.d04.mso.mci.com


Please let me know if I need to provide more info.  I think it is
enough for someone to tell me what I don't want to hear :-)   I just
didn't want to clutter it up with more than necessary.
TIA!!
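An added example, not part of the original post and not BIND's own code: a sketch of a zone-cut check run over the owner names from the db.root above. It assumes the RFC 1034 delegation rule that an NS set at a non-apex name is a zone cut and that only address (glue) records may sit beneath it; RECORDS, GLUE_TYPES and the function names are hypothetical, and the rev.* include files are not modelled.

```python
# Constructed sample: owner names and types from the db.root in the post,
# with the mxx.yyy.com NS lines uncommented (one NS entry stands for the set).
RECORDS = [
    (".", "SOA"), (".", "NS"),
    ("td3.mxx.yyy.com.", "NS"),
    ("d01.mxx.yyy.com.", "NS"),
    ("d04.mxx.yyy.com.", "NS"),
    ("mxx.yyy.com.", "NS"),
    ("crytd3-ic1.mxx.yyy.com.", "A"),
    ("crytd3-ic1a.mxx.yyy.com.", "A"),
    ("crytd3-ic1b.mxx.yyy.com.", "A"),
]

GLUE_TYPES = {"A", "AAAA"}  # assumption: only address records count as glue


def labels(name):
    """Split an absolute name into lower-case labels; the root gives []."""
    return [part for part in name.lower().rstrip(".").split(".") if part]


def is_below(name, ancestor):
    """True when name is a strict descendant of ancestor."""
    n, a = labels(name), labels(ancestor)
    return len(n) > len(a) and n[len(n) - len(a):] == a


def non_glue_below_cuts(records, origin="."):
    """Return (owner, type, cut) for each non-address record under a delegation."""
    # Every NS owner other than the zone apex marks a zone cut.
    cuts = {name for name, rtype in records
            if rtype == "NS" and labels(name) != labels(origin)}
    findings = []
    for name, rtype in records:
        if rtype in GLUE_TYPES:
            continue  # address records under a cut are allowed as glue
        enclosing = [cut for cut in cuts if is_below(name, cut)]
        if enclosing:
            # Report the cut closest to the apex (fewest labels).
            top = min(enclosing, key=lambda cut: len(labels(cut)))
            findings.append((name, rtype, top))
    return findings


if __name__ == "__main__":
    for owner, rtype, cut in non_glue_below_cuts(RECORDS):
        print(f"{owner} {rtype}: non-glue record below zone cut {cut}")
```

With the mxx.yyy.com entry removed from RECORDS the function returns an empty list, which matches the post's observation that the file loads when those lines are commented out.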



More information about the bind-users mailing list