<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>Yes, but I doubt you would like it more. You can always create
your own parent zone copy and make modified delegation only in it.
Then if it should be DNSSEC signed, you would have to setup trust
anchor for your TLD. But this way, you can test any changes to
zone in your lab, without affecting production zone.</p>
<p>But I think this is an increased work and the result might be
very different. If you want just testing of alternative server
deployment, DNAT (production) server address to your temporary
instance(s). That may work better without extra preparation steps.
Again, this would make it accessible only in your lab, but might
allow you testing whatever you want. I expect you can access any
private keys, which might be used by your own zone.</p>
<p>Hope that helps.</p>
<p>Cheers,<br>
Petr<br>
</p>
<div class="moz-cite-prefix">On 2/4/24 12:13, Gabi Nakibly wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CADE8tbHBkNcjbfmYwgYStfQs=CMA7g1A8AzK7Hc2k4rqawQmgw@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="auto">
<div>Thanks for the response. However, I strongly prefer not to
update the parent zone as this is only a temporary nameserver
for testing purposes. </div>
<div dir="auto">Is there anyway to add a new name server (with a
new name) without updating the parent zone?<br>
<br>
<div class="gmail_quote" dir="auto">
<div dir="ltr" class="gmail_attr">On Sun, Feb 4, 2024, 12:01
Mark Andrews <<a href="mailto:marka@isc.org"
moz-do-not-send="true" class="moz-txt-link-freetext">marka@isc.org</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote"
style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="auto">You have your answer. Update the parent
zone. <br>
<br>
<div dir="ltr">--
<div>Mark Andrews</div>
</div>
<div dir="ltr"><br>
<blockquote type="cite">On 4 Feb 2024, at 18:27, Gabi
Nakibly <<a href="mailto:gabinkbl@gmail.com"
target="_blank" rel="noreferrer"
moz-do-not-send="true"
class="moz-txt-link-freetext">gabinkbl@gmail.com</a>>
wrote:<br>
<br>
</blockquote>
</div>
<blockquote type="cite">
<div dir="ltr">
<div dir="ltr">Hi,
<div>I would like to set up a new
temporary nameserver for my zone (say '<a
href="http://example.com" target="_blank"
rel="noreferrer" moz-do-not-send="true">example.com</a>'),
however for various reasons I prefer not to
change the delegation of my parent zone
('.com'). So I need the current name server ('<a
href="http://ns.example.com" target="_blank"
rel="noreferrer" moz-do-not-send="true">ns.example.com</a>')
to refer resolvers to my new temporary name
server ('<a href="http://ns-temp.example.com"
target="_blank" rel="noreferrer"
moz-do-not-send="true">ns-temp.example.com</a>').
However, when I tried to test this set-up with a
BIND resolver, when the resolver got the
delegation to the temporary name server it
failed with 'non-improving referral'. </div>
<div>How can I resolve this so the delegation will
work for a BIND resolver having default config
(or with any other resolver for that matter)? I
know that I can simply update delegation at the
parent zone to point directly to the new name
server, but I prefer not to do this right now
and I am looking for ways to do this without
changing the parent delegation.</div>
</div>
<span>-- </span><br>
<span>Visit <a
href="https://lists.isc.org/mailman/listinfo/bind-users" target="_blank"
rel="noreferrer" moz-do-not-send="true"
class="moz-txt-link-freetext">https://lists.isc.org/mailman/listinfo/bind-users</a>
to unsubscribe from this list</span><br>
<span></span><br>
<span>ISC funds the development of this software
with paid support subscriptions. Contact us at <a
href="https://www.isc.org/contact/"
target="_blank" rel="noreferrer"
moz-do-not-send="true"
class="moz-txt-link-freetext">https://www.isc.org/contact/</a>
for more information.</span><br>
<span></span><br>
<span></span><br>
<span>bind-users mailing list</span><br>
<span><a href="mailto:bind-users@lists.isc.org"
target="_blank" rel="noreferrer"
moz-do-not-send="true"
class="moz-txt-link-freetext">bind-users@lists.isc.org</a></span><br>
<span><a
href="https://lists.isc.org/mailman/listinfo/bind-users" target="_blank"
rel="noreferrer" moz-do-not-send="true"
class="moz-txt-link-freetext">https://lists.isc.org/mailman/listinfo/bind-users</a></span><br>
</div>
</blockquote>
</div>
</blockquote>
</div>
</div>
</div>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
</blockquote>
<pre class="moz-signature" cols="72">--
Petr Menšík
Software Engineer, RHEL
Red Hat, <a class="moz-txt-link-freetext" href="https://www.redhat.com/">https://www.redhat.com/</a>
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB</pre>
</body>
</html>