how to create a private "test." zone?

Ben Bridges bbridges at springnet.net
Mon Mar 2 01:58:16 UTC 2009


> sun
>    NB: it also forwards to "isp" dns server.

If your sun server is configured to use your isp dns server as a forwarder, then I think it will forward requests for example.test to the isp server even though it delegated example.test to plesk.  That would seem to be supported by the fact that your sun server knows it is not authoritative for example.test (no AA flag in response to the query for example.test) and that you see it sending requests to the isp server (although you don't specify that it is sending requests to it for example.test).  You could try creating example.test as a forward zone in named.conf on your sun server and specifying plesk as the forwarder for that zone.
 

________________________________

From: bind-users-bounces at lists.isc.org on behalf of Rui Lopes
Sent: Sun 3/1/2009 2:46 PM
To: bind-users at lists.isc.org
Subject: how to create a private "test." zone?



Hello,

I'm trying to create a private "test." zone for use in my local
"testing lab".

I've set up a recursive DNS server that will serve the "test." zone
(in Sun host; see the network diagram below).

The resolution of a domain in the "test" zone works as expected, e.g.:

    dig sun.test
; <<>> DiG 9.4.2-P2 <<>> sun.test
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65413
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;sun.test.                      IN      A

;; ANSWER SECTION:
sun.test.               600     IN      A       192.168.2.1

;; AUTHORITY SECTION:
test.                   600     IN      NS      sun.test.

;; Query time: 2 msec
;; SERVER: 192.168.2.1#53(192.168.2.1)
;; WHEN: Sun Mar  1 10:39:28 2009
;; MSG SIZE  rcvd: 56


After this, I wanted to delegate the "example.test." zone to another
local DNS server of mine (the Plesk host). I did the delegation by
adding the following RR in the "test." zone (in the Sun host):

    example         IN      NS      plesk


I tried to resolve the "example.test" domain with:

    dig example.test
; <<>> DiG 9.4.2-P2 <<>> example.test
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20407
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;example.test.                  IN      A

;; Query time: 31 msec
;; SERVER: 192.168.2.1#53(192.168.2.1)
;; WHEN: Sun Mar  1 10:40:39 2009
;; MSG SIZE  rcvd: 30


Which failed...

NB: I can see my local dns server sending queries to my isp dns
server.  But why?

NB: Asking the same question directly at the Plesk DNS server works:

    dig example.test @plesk.test
; <<>> DiG 9.4.2-P2 <<>> example.test @plesk.test
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2358
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;example.test.                  IN      A

;; ANSWER SECTION:
example.test.           86400   IN      A       192.168.2.10

;; AUTHORITY SECTION:
example.test.           86400   IN      NS      plesk.test.

;; Query time: 2 msec
;; SERVER: 192.168.2.10#53(192.168.2.10)
;; WHEN: Sun Mar  1 10:41:43 2009
;; MSG SIZE  rcvd: 66


What am I doing wrong in the delegation, and how can I fix it?


My network diagram is:

    +-------------+
    |     isp     |
    +-------------+ 10.0.2.3 (DNS)
           |
    -------+------------------------------------------- 10/24
           |
    +-------------+ 10.0.2.15     +-------------+
    |     sun     |               |    plesk    |
    +-------------+ 192.168.2.1   +-------------+ 192.168.2.10
           |                             |
    -------+-----------------------------+------------- 192.168.2/24

isp
    my ISP DNS server host.
sun
    my local DNS server host that hosts the "test." zone.
    NB: this is a recursive server.
    NB: it also forwards to "isp" dns server.
    NB: local resolv.conf points to 192.168.2.1
plesk
    my other local DNS server host that hosts the "example.test." zone.
    NB: this is an authoritative server only.
    NB: local resolv.conf points to 192.168.2.1


This is what the Sun DNS server has about the "test." zone:

$TTL            10m             ; default TTL
$ORIGIN         test.           ; base domain-name
@               IN      SOA     sun hostmaster (
                                    2008042800 ; serial
                                    10m        ; refresh
                                    15m        ; retry
                                    3w         ; expire
                                    10m        ; minimum
                                    )

                IN      NS      sun

sun             IN      A       192.168.2.1
plesk           IN      A       192.168.2.10

; delegate example.test. to plesk.test.
example         IN      NS      plesk
;example        IN      A       192.168.2.10


And this is what the Plesk DNS server has about the "example.test."
zone:

@       IN      SOA     plesk.test. ironman.example.test. (
                        1235830200      ; Serial
                        10800   ; Refresh
                        3600    ; Retry
                        604800  ; Expire
                        10800 ) ; Minimum

example.test.            IN NS   plesk.test.
example.test.            IN A    192.168.2.10



If you need more information, please let me know.

Thanks!


Best regards,
Rui Lopes
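
The forward zone suggested in the reply at the top of this message, written out as a named.conf fragment for the sun host. This is an added example, not configuration posted by either participant: the zone file name test.zone and the "forward only" setting are assumptions, and the addresses are taken from the network diagram.

```conf
// named.conf on sun (192.168.2.1) -- added illustration, not from the thread

options {
    recursion yes;
    // Global forwarder: the isp DNS server from the diagram. Any name that
    // sun is not authoritative for is sent here, which is how queries for
    // the private name example.test end up at the ISP.
    forwarders { 10.0.2.3; };
};

// sun stays authoritative for test.; the NS record for example in the
// zone file can remain as it is.
zone "test" {
    type master;
    file "test.zone";          // assumed file name
    // Alternative not raised in the thread: an empty list here,
    //     forwarders { };
    // turns off forwarding for names below test., so the NS delegation
    // to plesk is followed instead of the global forwarder.
};

// The suggested fix: a more specific forward zone that overrides the
// global forwarders for example.test and everything beneath it.
zone "example.test" {
    type forward;
    forward only;                   // assumed: never fall back to other servers
    forwarders { 192.168.2.10; };   // plesk
};
```

After editing, named-checkconf validates the syntax, and repeating dig example.test against 192.168.2.1 shows whether the answer now comes back NOERROR instead of NXDOMAIN.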
