Bind doesn't make zone delegation.

Ellad G. Yatsko eyatsko at ngs.ru
Thu Apr 19 07:38:07 UTC 2012


>     Hello!
>
>     I have FreeBSD 7.2 x64 installed. And Bind 9.4:
>
>     /etc/namedb> named -v
>     BIND 9.4.3-P2
>
>     I have zone "united-networks.ru" and I try to do the following:
>     ...
>     $ORIGIN sokol.msk.united-networks.ru.
>     @                       IN NS   srvgate
>     srvgate                 IN A    172.31.16.16
>     $ORIGIN united-networks.ru.
>     ...
>
>     As I understand I delegated the SOA (IN NS) to server with name
>     srvgate.sokol.msk.united-networks.ru ("srvgate" has no trailing "dot"
>     so domain "sokol.msk.united-networks.ru" from $ORIGIN operator will be
>     appended), then I placed "glue"-record with srvgate.sokol.msk's address.
>     It is because as I understood nameserver of delegated zone is in it.
>
>     From here I thought on the server 172.31.16.16 (it's Ubuntu) I must
>     receive DNS-requests related to zone sokol.msk.united-networks.ru. For
>     example if I try do nslookup sokol.msk.united-networks.ru on FreeBSD
>     7.2 x64. But:
>
>     /etc/bind# hostname -f
>     srvgate.sokol.msk.united-networks.ru
>     /etc/bind# tshark -ta -ni tun0 -R dns
>     Running as user "root" and group "root". This could be dangerous.
>     Capturing on tun0
>
>     ...there is nothing! And FreeBSD issues NXDOMAIN. I say more - FreeBSD
>     tries to resolve name "sokol.msk.united-networks.ru" through its
>     forwarder in external world!
>
>     Where am I wrong? I simulated this situation with the same configurations
>     on Ubuntu (Bind 9.7.0-P1) and fresh-installed FreeBSD 9.0 x64
>     (Bind 9.8.1-P1).
>     All works fine!
>
>     ---------------------- related portion of named.conf ----------------------
>     options {
>              directory       "/etc/namedb";
>              pid-file        "/var/run/named/pid";
>              dump-file       "/var/dump/named_dump.db";
>              statistics-file "/var/stats/named.stats";
>
>              listen-on       {
>                      ....
>                      127.0.0.1;
>                      172.16.0.1;
>                      172.16.1.1;
>                      172.16.2.1;
>                      172.31.0.1;
>              };
>
>              forwarders {
>                      89.222.167.2;
>                      8.8.8.8;
>              };
>              recursion yes;
>              allow-recursion {0/0;};
>     };
>
>     ...
>
>     view internal {
>              match-clients {
>                      127.0.0.0/8;
>                      172.16.0.0/12;
>              };
>     ...
>              zone "united-networks.ru" {
>                      type master;
>                      file "master/forward/united-networks.ru.internal";
>                      allow-transfer {
>                              172.16.0.2;
>                              172.16.16.2;
>                              172.31.16.16;
>                              172.31.17.0;
>                              172.31.18.0;
>                      };
>              };
>     ...
>     };
>     ...
>     ---------------------------------------------------------------------------
>
>     Kind regards,
>     Ellad
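
Added example (not part of the original post, and not BIND's own code): a small Python check that applies the $ORIGIN rules described in the message to the quoted zone fragment and confirms that the in-zone name server of the delegated child has a glue address in the parent. The function names (qualify, parse, delegations, missing_glue) are hypothetical, and the parser is simplified: it assumes one record per line with an explicit owner and no TTL field.

```python
# Added example: expand relative names against $ORIGIN and check glue.
# Assumes one record per line with an explicit owner and no TTL field.
ZONE_APEX = "united-networks.ru."

# The fragment from the post, without its "..." lines.
FRAGMENT = """\
$ORIGIN sokol.msk.united-networks.ru.
@                       IN NS   srvgate
srvgate                 IN A    172.31.16.16
$ORIGIN united-networks.ru.
"""

def qualify(name, origin):
    """Master-file rules: '@' is the origin, a trailing dot means absolute."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name.lower()
    return f"{name}.{origin}".lower()

def parse(text, origin):
    """Return (owner, type, rdata) tuples with domain names made absolute."""
    records = []
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop comments
        if not fields:
            continue
        if fields[0].upper() == "$ORIGIN":
            origin = qualify(fields[1], origin)
            continue
        owner, rest = qualify(fields[0], origin), fields[1:]
        if rest[0].upper() == "IN":
            rest = rest[1:]
        rtype, rdata = rest[0].upper(), rest[1]
        if rtype in ("NS", "CNAME"):             # rdata is a domain name
            rdata = qualify(rdata, origin)
        records.append((owner, rtype, rdata))
    return records

def delegations(records, apex):
    """Map each delegated child zone to {ns_name: [glue addresses]}."""
    result = {}
    for owner, rtype, rdata in records:
        if rtype == "NS" and owner != apex and owner.endswith("." + apex):
            glue = [r for o, t, r in records if o == rdata and t in ("A", "AAAA")]
            result.setdefault(owner, {})[rdata] = glue
    return result

def missing_glue(records, apex):
    """NS names inside their own delegated zone need glue in the parent."""
    return [(child, ns) for child, servers in delegations(records, apex).items()
            for ns, glue in servers.items()
            if (ns == child or ns.endswith("." + child)) and not glue]
```

For the fragment as posted, missing_glue returns an empty list, so the delegation data itself is complete.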




More information about the bind-users mailing list