Trying simple NS delegation for a subdomain * I cannot get it to load/work.
Mark Andrews
marka at isc.org
Thu Aug 28 00:19:02 UTC 2025
> On 28 Aug 2025, at 10:01, Steve Gladden <steve at michiganbroadband.com> wrote:
>
> Hi this is my first post ever.
> I’m stuck on a very simple task that I have not been able to get it to work.
> I have done this in the past with older versions of BIND but it has been quite a while.
>
> I’m trying to delegate to an external provider’s nameserver for a “subdomain” of mine.
> The parent zone file works properly and loads and serves everything as expected.
> But will not load and serve my NS record pointing an external provider’s DNS.
>
> I can get much more specific as need-be
> I am on and up to date version of Debian Server and up to date version of Bind9
> named -v
> BIND 9.18.28-1~deb12u2-Debian (Extended Support Version) <id:>
>
> This is a generic example of what I am trying to do.
> The top two parent NS records load and serve as expected.
> As well as the A record of course.
>
> But the delegated NS record at the bottom does not get loaded or served when queried for it
> I am using dig as you may expect to determine this.
> I must be totally missing something simple but I am totally stumped on this at the moment.
To test whether the record is loaded do a NON-RECURSIVE query. You are currently
testing the loading AND the recursive lookup.
Check whether the delegation is present:
dig +norec test.domain.com NS @the-parent-server
Check whether the delegated zone is loaded:
dig +norec test.domain.com NS @ns1.anothernameserver.com
Check whether recursion worked:
dig test.domain.com NS
> $TTL 3600
> $ORIGIN domain.com.
> @ IN SOA domain.com. admin.domain.com. (
> 2017090101 ; Serial
> 10800 ; Refresh
> 1800 ; Retry
> 1209600 ; Expire
> 3600 ; Negative Cache TTL
> )
> @ IN NS ns1.domain.com.
> @ IN NS ns2.domain.com.
> @ IN A 1.2.3.4
> www IN A 1.2.3.4
> $ORIGIN test.domain.com.
> @ IN NS ns1.anothernameserver.com.
>
>
>
> dig @localhost test.domain.com NS
> ; <<>> DiG 9.18.28-1~deb12u2-Debian <<>> @localhost test.domain.com ns
> ; (2 servers found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 59084
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 1232
> ; COOKIE: fb069e980ad743db0100000068af9952a0efd48210391401 (good)
> ;; QUESTION SECTION:
> ;test.domain.com. IN NS
> ;; Query time: 31 msec
> ;; SERVER: 127.0.0.1#53(localhost) (UDP)
> ;; WHEN: Wed Aug 27 19:48:34 EDT 2025
> ;; MSG SIZE rcvd: 69
>
> Thank you for any pointers..
> I have spent about a day searching the web before posting. Many examples say to do it the way I am doing it.
> And I’ve done it before this way.
> Not sure what I am missing.
>
> -SteveG
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
>
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list