named-checkzone with multiple $ORIGIN

[Mark Andrews]

In message <CAH3AE4Yn4zHM3SBV60pQr+467ooVRxVq-LWkT+BE44KY2rCbow at mail.gmail.com>
, Bernard Fay writes:
> Sorry keyboard problem...
> 
> 
> I took control of a DNS based on Bind 9.9.  One of the zone files have
> multiple $ORIGIN for example:
> 
> $ORIGIN example.com
> ...
> $ORIGIN sub1.example.com
> ...
> $ORIGIN sub2.example.com
> ...
> $ORIGIN sub3.example.com
> ...
> 
> 
> While checking the zone file with:
> named-checkzone example.com example.com.zone
> named-checkzone returns ok for the first $ORIGIN.
> 
> But doing
> named-checkzone sub1.example.com example.com.zone
> named-checkzone sub2.example.com example.com.zone
> named-checkzone sub3.example.com example.com.zone
> named-checkzone reports many "ignoring out-of-zone data (....example.com)"
> 
> Using multiple $ORIGIN in a single zone file works but named-checkzone does
> not seem to like the idea.
> 
> Is there something wrong by using multiple $ORIGIN in a single zone file or
> my understanding of named-checkzone is wrong?

Your understanding of what $ORIGIN does in a master file is wrong.
It is a way to reduce the amount of typing you do by setting the
suffix to be appended to non absolute names though over use will
defeat that.

$ORIGIN example.com.
@ SOA ns hostmaster 0 0 0 0 0
@ NS ns
ns A 1.1.1.1
$ORIGIN sub1.example.com.
@ A 1.2.3.4
$ORIGIN sub2.example.com.
@ A 1.2.3.8

expanded is

example.com. SOA ns.example.com. hostmaster.example.com. 0 0 0 0 0
example.com. NS ns
ns.example.com. A 1.1.1.1
sub1.example.com. A 1.2.3.4
sub2.example.com. A 1.2.3.8

$ORIGIN doesn't mean start of a zone though every zone has a implict
$ORIGIN set when it is being loaded.
 
> Thanks,
> Bernard
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org