Zone name conflicts / overlapping

Ben C. armondbc at gmail.com
Mon Sep 19 05:45:35 UTC 2011


Hello all,

This is my first post to bind-users, so I would like to first of all
say hello, and thanks to everyone who takes their time to read and
respond to any mailing list post. =)

I have a fairly complex situation where I have a pDNS server and an ISC
BIND server, both containing unique zones.  I'm trying to make them
"sync" to each other so that the end result is they both contain the
same list of zones, and update the opposite's zone files regularly.  I
am doing my best in designing it so that it *shouldn't* have the
possibility of a zone conflict, where server A says something about
zone "foo.com", and server B contains its own unique record, so when
they sync, .. well ...

I noticed with BIND, what I expected happens if the situation occurs:

zone "foo.com" {
  type master;
  file "/path/to/some.file";
};

// .. some stuff
zone "foo.com" {
  type master;
  file "/path/to/some.other.file";
  // ^^ They can be the same file, too ..
};

-- BIND simply refuses to start, which is great because it allows me
to /see/ the error a little easier.

However, the situation got interesting when the following occurs:

zone "ns1.foo.com" {
  type master;
  file "/path/to/ns1.foo.com";
};

zone "foo.com" {
  type master;
  file "/path/to/foo.com";
};

Where ns1.foo.com's zone file would obviously contain an A record for
itself (ns1.foo.com.) and then foo.com's zone file contains an A
record for the same zone / hostname, ns1.foo.com.

It appears to me, BIND sees the conflict / overlap but does not care
about the order they are in, nor cares to exit (or even tell anybody
about it), but simply uses the more "specific" zone file which would be
"ns1.foo.com".  I'm pretty sure this is intended behavior. Although
for my specific and very individual circumstance, this is not ideal
for me, but I'm by no means saying this is a bug, or "bad" behavior.

I'm simply trying to figure out (1) if this is indeed the correct
assumption, that BIND will always use the more "specific" zone,  ...
(2) if there are ways to modify the behavior (short of editing the way
BIND, or even DNS works) ...  (3) if there is a way to at least
identify this kind of behavior in logs (error/warning message? maybe
I'm missing it..) .. (4) a link or referral to any kind of relevant
information would be useful -- documentation, mailing lists, anything
-- I did a _lot_ of googling and even peeked around on IRC asking
around, but either I'm not asking the question correctly, or it's not
a very common thing :)

Thanks for your time,
Ben
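
A pre-sync check for the two situations described in the message above (the same zone declared twice, and a zone declared alongside one of its ancestor zones), as an added example that is not part of the original post or of BIND. The function names and the sample configuration are constructed; it assumes all zone statements are in one file and ignores views and include statements.

```python
import re
from collections import Counter

# Constructed sample: the sub-zone/parent pair from the post, plus a duplicate
# of foo.com written with different case and a trailing dot.
SAMPLE_CONF = '''
zone "ns1.foo.com" {
  type master;
  file "/path/to/ns1.foo.com";
};
// .. some stuff
zone "foo.com" {
  type master;
  file "/path/to/foo.com";
};
zone "FOO.com." {
  type master;
  file "/path/to/some.other.file";
};
'''

ZONE_RE = re.compile(r'^\s*zone\s+"([^"]+)"', re.MULTILINE)

def zone_names(conf_text):
    """Return zone names, lowercased and without a trailing dot."""
    # Simplification: comment markers inside quoted strings are not handled.
    text = re.sub(r'/\*.*?\*/', '', conf_text, flags=re.DOTALL)
    text = re.sub(r'(//|#).*', '', text)
    return [name.lower().rstrip('.') for name in ZONE_RE.findall(text)]

def find_conflicts(conf_text):
    """Return (duplicate zone names, [(child zone, configured ancestor)])."""
    names = zone_names(conf_text)
    duplicates = sorted(n for n, count in Counter(names).items() if count > 1)
    unique = set(names)
    overlaps = []
    for child in sorted(unique):
        labels = child.split('.')
        # Compare whole labels, so "notfoo.com" is not treated as under "foo.com".
        for i in range(1, len(labels)):
            parent = '.'.join(labels[i:])
            if parent in unique:
                overlaps.append((child, parent))
    return duplicates, overlaps

if __name__ == '__main__':
    duplicates, overlaps = find_conflicts(SAMPLE_CONF)
    for name in duplicates:
        print(f'duplicate zone: {name}')
    for child, parent in overlaps:
        print(f'overlap: {child} is also covered by zone {parent}')
```

Running it against the merged zone list from both servers before each sync surfaces the overlap case without relying on the name server's startup behaviour or logs.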


