How to redirect a subzone

I use Bind9 as a DNS server for my office.

We have a zone: example.com. which should be resolved from our DNS server as authoritative.

On the other hand, we have sub.example.com., a zone that should be redirected to another DNS server.

The server answers correctly when we request any entry in the example.com. zone. But it does not work for requests about sub.example.com., since it does not redirect them; it continues to search for an answer locally.

This is the named.conf file

zone "sub.example.com" IN {
        type forward;
        forwarders {172.21.238.229;172.21.238.230;};
        forward only;
};


zone "example.com" {
        type master;
        forwarders {};
        file "/etc/named/example.com.db";
};

This is the contents of example.com.db:

$ORIGIN example.com.
$TTL 1W
@   IN  SOA     dnsldes.example.com. postmaster.example.com. (
                               6            ; serial number
                               3600         ; refresh   [1h]
                               600          ; retry     [10m]
                               86400        ; expire    [1d]
                               3600 )       ; min TTL   [1h]
;


      IN     NS      dnsldes.example.com.

bdred           IN      A       172.22.2.150
dnsldes IN      A       172.21.229.159

This is the output for the bdred.example.com request using the dig client command (this is normal):

; <<>> DiG 9.8.1-P1 <<>> bdred.sub.example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9764
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;bdred.sub.example.com.         IN      A

;; AUTHORITY SECTION:
example.com.            3600    IN      SOA     dnsldes.example.com. postmaster.example.com. 6 3600 600 86400 3600

;; Query time: 4 msec
;; SERVER: 172.21.229.159#53(172.21.229.159)
;; WHEN: Mon Mar 11 12:55:02 2013
;; MSG SIZE  rcvd: 94

And this is the answer to the dig request that doesn't work:

; <<>> DiG 9.8.1-P1 <<>> bdred.sub.example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26555
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;bdred.sub.example.com.         IN      A

;; AUTHORITY SECTION:
example.com.            3600    IN      SOA     dnsldes.example.com. postmaster.example.com. 6 3600 600 86400 3600

;; Query time: 4 msec
;; SERVER: 172.21.229.159#53(172.21.229.159)
;; WHEN: Mon Mar 11 13:09:07 2013
;; MSG SIZE  rcvd: 94

Please, what are we doing wrong?

+5

- named.conf. , :

$ORIGIN example.com.
$TTL 1W
@   IN  SOA     dnsldes.example.com.  postmaster.example.com. (
                               6            ; serial number
                               3600         ; refresh   [1h]
                               600          ; retry     [10m]
                               86400        ; expire    [1d]
                               3600 )       ; min TTL   [1h]
;


      IN     NS      dnsldes.example.com.


dnsldes IN  A   XXX.XXX.XXX.XXX
bahamas IN  CNAME   bdred



; Delegations and Glue
$ORIGIN sub.example.com.
@       IN      NS      lmzdns1.sub.example.com.

        IN      NS      lmzdns2.sub.example.com.

lmzdns1 IN      A       XXX.XXX.XXX.XXX
lmzdns2 IN      A       XXX.XXX.XXX.XXX
+7

:

NS- , .

:

: one.domain : sub.one.domain

sub.one.domain dns google.

sub.one.domain externalns.one.domain, NS one.domain:

sub.one.domain.    IN    NS    externalns.one.domain.

A externalns.one.domain:

externalns.one.domain    IN    A    8.8.8.8
+2
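
A server that is authoritative for example.com. answers names below it from that zone, so a forward zone for sub.example.com. is only consulted once the parent zone file holds NS records creating a zone cut there, as in the "Delegations and Glue" section of the first answer. The following check is an added example, not code from either answer or from BIND: it flags forward zones that lack that delegation. The function names are hypothetical and the inputs are constructed from the question's files.

```python
import re
# Constructed input modelled on the question's named.conf and zone file.
NAMED_CONF = '''zone "sub.example.com" IN { type forward;
        forwarders {172.21.238.229;172.21.238.230;};
        forward only;
};
zone "example.com" {
        type master;
        file "/etc/named/example.com.db";
};
'''
ZONE_NO_CUT = '''$ORIGIN example.com.
@        IN NS dnsldes.example.com.
dnsldes  IN A  172.21.229.159
'''
ZONE_WITH_CUT = ZONE_NO_CUT + '''$ORIGIN sub.example.com.
@        IN NS lmzdns1.sub.example.com.
         IN NS lmzdns2.sub.example.com.
'''
# Owner (may be blank), optional TTL, optional class IN, then type NS.
NS_LINE = re.compile(r'(\S*)\s+(?:\d\w*\s+)?(?:IN\s+)?NS\s+\S', re.I)

def zones_by_type(conf):
    """Zone name -> type; assumes 'type' is the first statement in each zone."""
    pat = r'zone\s+"([^"]+)"[^{]*\{\s*type\s+(\w+)\s*;'
    return {n.lower().rstrip('.'): t for n, t in re.findall(pat, conf)}

def ns_owners(zone_text, origin):
    """Owner names (no trailing dot) that carry NS records in a zone file."""
    owners, last = set(), origin
    for raw in zone_text.splitlines():
        line = raw.split(';')[0]  # drop comments
        if line.startswith('$ORIGIN'):
            origin = line.split()[1].rstrip('.').lower()
        elif line[:1].strip() and line[0] != '$':  # owner present; blank repeats last
            name = line.split()[0].lower()
            last = origin if name == '@' else (
                name.rstrip('.') if name.endswith('.') else f'{name}.{origin}')
        if NS_LINE.match(line):
            owners.add(last)
    return owners

def undelegated_forwards(conf, zone_texts):
    """Forward zones below a local master zone that has no NS cut for them."""
    zones = zones_by_type(conf)
    return [z for z, t in zones.items() if t == 'forward'
            for parent, text in zone_texts.items()
            if zones.get(parent) == 'master' and z.endswith('.' + parent)
            and z not in ns_owners(text, parent)]
```

Calling `undelegated_forwards(NAMED_CONF, {'example.com': ZONE_NO_CUT})` reports sub.example.com, while the same call with `ZONE_WITH_CUT` reports nothing.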
