I know I don't but that's no real indication of anything.
What I'd be less sure of is whether or not bind will even see the subdomain zone file, since it's looking in example.com.zone for *.example.com, does it check early enough for the exemption that is *.sub.example.com?
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
No, typically you do not separate out sub-domains unless they are delegated to different sets of nameservers.
Also, your root zone should have "glue" for the sub-domain, i.e. the root zone should have A records for all the nameservers in the sub-domain, as well as the NS records for the sub-domain (if you choose to split sub-domains into their own zones).
Typically you would have each zone in its own file. This is because the ORIGIN is set automatically by the named.conf zone statement, allowing hostname-only lines to just work. And you don't need to change ORIGINs mid-file for the sub-domain. It also makes delegation easier (you can just pass on the zone files to the sub-domain owner). For small sites, it doesn't really matter; do what works for you.
Thanks for all your input.
I think it's more organized and easier for me to view by having a separate zone file for each sub-domain.
The sub-domain sub.linux.com is delegated to another NS but only some of the zones (ex: _msdcs.sub.linuxorg.com. > delegated to Windows DNS). The current local BIND server is still the SOA for the sub-domain sub.linuxorg.com.
In this case, by having a separate zone file for the sub-domain and only delegating some of the sub-domain's zone to another NS, do I still need to add a glue record in the root zone file?
This would be the sub-domain sub.linuxorg.com's zone file:
$TTL 84600
sub.linuxorg.com. IN SOA ns1.linuxorg.com. root.localhost. (
                20070911 ; serial
                3H       ; refresh interval
                15M      ; retry interval
                1W       ; zone expires in ..
                1D       ; minimum TTL
                )
                NS ns1.linuxorg.com.
$ORIGIN sub.linuxorg.com.
                A  10.20.30.2
ns1             A  10.20.30.100
comp1           A  10.20.30.50
DC              A  10.20.30.200
_msdcs          NS DC ; delegating this zone and some others.
                A  10.20.30.200
This would be the root zone linuxorg.com's zone file:
$TTL 84600
linuxorg.com. IN SOA ns1.linuxorg.com. root.localhost. (
                20070800 ; serial
                3H       ; refresh interval
                15M      ; retry interval
                1W       ; zone expires in ..
                1D       ; minimum TTL
                )
                NS ns1.linuxorg.com.
$ORIGIN linuxorg.com.
                A  10.20.30.2
ns1             A  10.20.30.100
comp            A  10.20.30.200
If I need to add a glue record here, do I add just the zone being delegated (_msdcs.sub.linuxorg.com) from the sub-domain? ex)
_msdcs.sub.linuxorg.com. NS DC.sub.linuxorg.com. A 10.20.30.200
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Quote:
Originally Posted by linuxfia
If I need to add a glue record here, do I add just the zone being delegated (_msdcs.sub.linuxorg.com) from the sub-domain?
You only need to add glue for the zone being directly delegated.
Say you have a domain c.com, and sub-domains b.c.com and a.b.c.com. You would have this:
Code:
c.com zone:
...
        IN NS ns.c.com.
ns      IN A  10.1.2.2
ns.b    IN A  10.1.2.3
b       IN NS ns.b.c.com.

b.c.com zone:
...
        IN NS ns.b.c.com.
ns      IN A  10.1.2.3
ns.a    IN A  10.1.2.4
a       IN NS ns.a.b.c.com.

a.b.c.com zone:
...
        IN NS ns.a.b.c.com.
ns      IN A  10.1.2.4
So basically it's hierarchical. Each enclosing domain has glue for the sub-domain that it immediately delegates to. You can nest as many times as you want this way.
Even if you're not delegating a.b.c.com to a different NS than b.c.com, you would still list the NS record for it in both b.c.com and a.b.c.com. An example of that:
Code:
c.com zone:
...
ns.b    IN A  192.168.1.2
b       IN NS ns.b.c.com.

b.c.com zone:
...
a       IN NS ns.b.c.com.
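
The hierarchical glue rule from the answer above, as an added example that is not part of the original thread: a small Python check that flags a delegation whose nameserver name lies inside the delegated sub-domain but has no address record in the parent zone. The function names and the simplified zone parsing are assumptions made for this illustration; the sample input is the c.com zone from the answer.

```python
# Added example (not from the thread): find delegations that lack glue.
# Assumed simplification: one record per line, optional "IN", no TTLs or parentheses.

def parse_zone(text, origin):
    """Return [(owner, rtype, rdata)] with names fully qualified and lowercased."""
    origin = origin.rstrip(".").lower() + "."
    def fqdn(name):
        return name.lower() if name.endswith(".") else f"{name.lower()}.{origin}"
    records, owner = [], origin           # before any owner is seen, use the origin
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()
        if not fields:
            continue
        if fields[0].upper() == "$ORIGIN":
            origin = fqdn(fields[1])
            continue
        if not raw[0].isspace():          # leading whitespace reuses the previous owner
            owner = fqdn(fields.pop(0))
        if fields and fields[0].upper() == "IN":
            fields.pop(0)
        if len(fields) < 2:
            continue
        rtype = fields[0].upper()
        rdata = fqdn(fields[1]) if rtype == "NS" else fields[1]
        records.append((owner, rtype, rdata))
    return records

def missing_glue(records, zone):
    """List (child, nameserver) pairs where an in-child NS name has no A/AAAA."""
    zone = zone.rstrip(".").lower() + "."
    have_addr = {o for o, t, _ in records if t in ("A", "AAAA")}
    return [(owner, ns) for owner, t, ns in records
            if t == "NS" and owner != zone                 # apex NS is not a delegation
            and (ns == owner or ns.endswith("." + owner))  # NS name is inside the child
            and ns not in have_addr]

# Constructed input: the c.com parent zone from the answer.
C_COM = """\
        IN NS ns.c.com.
ns      IN A  10.1.2.2
ns.b    IN A  10.1.2.3
b       IN NS ns.b.c.com.
"""
# The same zone without its glue line, and the answer's second case, where
# a.b.c.com is served by b.c.com's own nameserver and needs no glue.
C_COM_NO_GLUE = "".join(l for l in C_COM.splitlines(True) if not l.startswith("ns.b"))
B_C_COM_SHARED_NS = "a IN NS ns.b.c.com.\n"

if __name__ == "__main__":
    print(missing_glue(parse_zone(C_COM_NO_GLUE, "c.com"), "c.com"))
```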