How to configure delegation

Chris Buxton cbuxton at menandmice.com
Tue Jun 12 20:29:00 UTC 2007 

Strategy 1:

No changes to named.conf on servers A and B. Instead, in the parent  
zone on server A, create a delegation NS record like this:

xxx	NS	dns-server-c.fqdn.

You may also need a glue record, depending on the actual name of  
server C.

Then create the subzone on server C as normal. You'll need to edit  
named.conf to add a zone statement, and also create a zone file.

This is fine if you know that server C will be the only auth server  
for the subzone, or if you're willing and able to update the NS RRSet  
as needed.

Strategy 2:

Make no changes to the zone file on server A. Instead, on both  
servers A and B, create the following zone statement in named.conf:

zone "xxx.abc.intranet.com." {
	type stub;
	masters { 172.0.0.1; };
	file "path/to/xxx.abc.intranet.com-stub";
};

Then, again, create the subzone on server C as normal.

This more complex and less intuitive approach allows you to "fire and  
forget" - as long as server C is always going to be an auth server  
for the subzone, you don't need to know what other servers are also  
authoritative for that zone - server C will periodically update the  
effective delegation records for both servers A and B. Note that you  
need to set up the stub zone on server B because the delegation  
records created by the stub zone on server A are not transferred to  
server B as part of a zone transfer of the parent zone.

Chris Buxton
Men & Mice

On Jun 12, 2007, at 1:31 AM, Apache Apache wrote:

> Hi,
>
> I have 3 DNS servers in an Intranet environment. DNS Server A (ie.  
> 10.0.0.1)
> is master of domain name abc.intranet.com and DNS server B (ie  
> 10.0.0.2) is
> slave server to DNS Server A. I would like to delegate domain name
> xxx.abc.intranet.com to DNS Server C (ie. 172.0.0.1). That is to  
> say, DNS
> Server C will be master DNS of xxx.abc.intranet.com.
>
> Kindly advise what changes do I need to make to the named.conf file  
> of all
> the servers as well as the db files of all the servers.
>
> Thank you.
>
> _________________________________________________________________
> Get MSN Messenger emoticons and display pictures here!
> http://ilovemessenger.msn.com/?mkt=en-sg
>
>

More information about the bind-users mailing list