How to update QUICKLY for clients on subdomains.

Truong Tan Son sontt at fcv.fujitsu.com
Fri Jan 13 04:19:57 UTC 2006


Barry Margolin wrote:

> I don't understand why.  When a cached record times out, the caching 
> server should go back to the authoritative server.  It sounds like you 
> may have a problem with your root hints and delegation records, so it 
> doesn't know how to find the authoritative server.

You are right. Subdomains can resolve themselves OK; the root hint has a problem.

I must make a crontab to "rndc flush" all nameservers after 1 hour.

Do I need to remove these two options?

                 allow-query { any;};
                 allow-transfer { any;};


Please refer to the config file.

----------------------ROOT  DOMAIN   [domain.com] --------------------------------------------

# File "named.conf"  of  root.domain.com.

options {
        directory "/usr/local/named/etc";
        allow-query { any;};
        allow-transfer { any;};
};
controls {
        inet 127.0.0.1 allow {localhost;} keys { rndc_key;};
};
key "rndc_key" {
        algorithm hmac-md5;
        secret "p1KO/B4vLC2SulaFEg+8KoetL+y4yHBGmkjXWvTHcjk=";
};
zone    "domain.com" in {
        type master;
        file "domain.com.db";
};

# File "domain.com.db" :
$TTL 3600
@       IN      SOA     root.domain.com.       admin.domain.com. (
20052012;
3H;
30M;
1W;
1D;
);
                                         IN      NS      root.domain.com.
domain.com.                      IN      A       172.16.134.85
root.domain.com.              IN       A       172.16.134.85

sub1.domain.com.             IN      NS      root1.sub1.domain.com.
sub1.domain.com.             IN      A       172.16.134.116
root1.sub1.domain.com.    IN      A       172.16.134.116

sub2.domain.com.             IN      NS      root2.sub2.domain.com.
sub2.domain.com.             IN      A       172.16.134.10
root2.sub2.domain.com.    IN      A       172.16.134.10

------------------------SUBDOMAIN   [sub1.domain.com] -------------------------------------------

# File "named.conf"  of  root1.sub1.domain.com

options { directory "/usr/local/named/etc";
          pid-file "/usr/local/named/var/run/named.pid";
        };
controls {
        inet 127.0.0.1  allow {localhost;} keys {rndc_key;};
};
key "rndc_key" {
        algorithm hmac-md5;
        secret "uxAft7VD/Nf0z4urXyVfqZju4w1xsgUyKm93QjVGYcs=";
};
zone "." in {
        type hint;
        file "hint.domain";

};
zone "sub1.domain.com" in {
        type master;
        file "sub1.domain.com.db";
};

# File "hint.domain":
.                                   36000           IN      NS      root.domain.com.
root.domain.com.         36000           IN      A       172.16.134.85

# File "sub1.domain.com.db"
$TTL 3600;
@       IN      SOA     root1.sub1.domain.com.    admin.sub1.domain.com. (
2006040102;
3H;
30M;
1W;
1D;
)
                                            IN      NS      root1.sub1.domain.com.
sub1.domain.com.                IN      A        172.16.134.116
root1.sub1.domain.com.       IN      A        172.16.134.116
------------------------------------------------------------------------------------

Thank you and best regards,
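
An added example, not part of the original message: a small Python check that reports where a named.conf explicitly opens allow-query or allow-transfer to "any", the two options asked about above. The sample text is constructed from the posted root-server config; the function names and the tightened variant are hypothetical.

```python
import re

# Constructed sample: the root server's options and zone blocks from the post.
POSTED = '''
options {
        directory "/usr/local/named/etc";
        allow-query { any;};
        allow-transfer { any;};
};
zone "domain.com" in { type master; file "domain.com.db"; };
'''
# Hypothetical tightened variant (assumes no secondary needs to transfer the zone).
TIGHTENED = POSTED.replace("allow-transfer { any;};", "allow-transfer { none; };")

ACL_RE = re.compile(r'\b(allow-query|allow-transfer)\s*\{([^{}]*)\}')
SKIP_RE = re.compile(r'"[^"\n]*"|/\*.*?\*/|(?:#|//)[^\n]*', re.S)

def strip_comments(text):
    """Drop #, // and /* */ comments but keep quoted strings (secrets may contain //)."""
    return SKIP_RE.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else ' ', text)

def top_level_blocks(text):
    """Yield (header, body) for every top-level 'header { body };' statement."""
    depth = start = header_from = 0
    header = ''
    for i, ch in enumerate(text):
        if ch == '{':
            if depth == 0:
                header, start = ' '.join(text[header_from:i].split()), i + 1
            depth += 1
        elif ch == '}':
            depth -= 1
            if depth == 0:
                yield header, text[start:i]
        elif ch == ';' and depth == 0:
            header_from = i + 1

def open_acls(conf):
    """Return (scope, option) pairs whose address-match list explicitly contains 'any'.
    Named acl references and server defaults are not evaluated."""
    findings = []
    for header, body in top_level_blocks(strip_comments(conf)):
        if header != 'options' and not header.startswith(('zone ', 'view ')):
            continue
        for option, acl in ACL_RE.findall(body):
            if 'any' in [e.strip() for e in acl.split(';')]:
                findings.append((header, option))
    return findings

if __name__ == '__main__':
    for name, conf in (('posted', POSTED), ('tightened', TIGHTENED)):
        print(name, open_acls(conf))
```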


