LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 04-29-2013, 02:56 PM   #1
speed12sil
LQ Newbie
 
Registered: Apr 2013
Posts: 4

Rep: Reputation: Disabled
Question about dns domain and sub-domain on different DNS server


Okay, my first post, and it's a long one...

Our company needs to set up two DNS servers such that one would deal with the main domain DNS resolves, and the other deal with the sub-domain resolves.

The main domain is:

acme.com

and the sub-domain

lab.acme.com


The main domain DNS server runs Microsoft server with DNS service enabled, and the sub-domain DNS server is a Redhat Linux. The main domain DNS server seems to be able to delegate searches for "lab" to the sub-domain server correctly, such that all searches for servers that reside in the sub-domain, e.g. server-1.lab.acme.com, can be resolved via this hand-off.

The two problems I have right now are that

1) The linux DNS server does not seem to be able to forward main domain queries received from users in "lab" to the MS DNS server.

Edit: named.conf with correct forwarding configured fixes this issue.

2) Searches for the devices in the main domain must be typed out in full.

So for example, if I want to resolve a server called "dragon" in the main domain:

dragon.acme.com

I cannot just type "dragon" and have DNS resolve it to dragon.acme.com. I must type in the full name to get it to resolve.

Is it even possible to have DNS fallback to main domain and append the path once the sub-domain search comes up empty, or it is not intelligent enough to do this kind of search?

Edit: Problem two revised to reflect current situation, simplified by having only one DNS specified in dhcpd.conf.

Below is the name.conf:

Code:
options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { localhost; any; };
        recursion yes;
//      forward only;
//      forwarders { 10.1.10.30;};
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "acme.com" {
        type forward;
        forward only;
        forwarders { 10.1.1.2; };
//main domain DNS server IP
};

zone "lab.acme.com" {
        type master;
        allow-query {any; };
        file "lab.acme.com.zone";
        };
and this is the zone file for lab.acme.com:


Code:
$TTL 1D
$ORIGIN lab.acme.com.
@               IN      SOA     ns1.lab.acme.com. admin.lab.acme.com. (
                                        0       ; serial
                                        2h      ; refresh
                                        15m    ; retry
                                        604800  ; expire
                                        86400   ; minimum
                                        )
                IN      NS      ns1
                IN      NS      dc1
;NS specifically reserved for name-server use, points to the name-server IP address, in this case it points to the pointer, which is ns1
ns1             IN      A       10.1.5.2
dc1             IN      A       10.1.1.2

server-1        IN      A       10.1.5.1
server-2        IN      A       10.1.5.2
;server for testing DNS
Thanks to all for answering this. I am pulling my hair out, and I've searched google and linux questions already so...

Last edited by speed12sil; 04-29-2013 at 05:47 PM.
 
Old 04-29-2013, 03:49 PM   #2
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 1,984

Rep: Reputation: 512Reputation: 512Reputation: 512Reputation: 512Reputation: 512Reputation: 512
I think this goes back to the /etc/resolv.conf file.

Unless you provide a FQDN for query, DNS will default to the "search" entry in the resolv.conf. This allows default short names to use the "domain" entry, but the search entry extends this search to other domains. Note, this does mean that lookups for a "xyz" host will occur in the local domain (such as xyz.local.org.domain), but will not find xyz in a higher level domain (such as xyz.org.domain) because that would be a secondary lookup- and it isn't done as soon as the name is resolved.

So I think your resolv.conf file should have something like:
Code:
domain lab.acme.com
search lab.acme.com acme.com
server ....
...
 
Old 04-29-2013, 04:00 PM   #3
speed12sil
LQ Newbie
 
Registered: Apr 2013
Posts: 4

Original Poster
Rep: Reputation: Disabled
Okay the FQDN part makes sense. I know if that I manually change the resolv.conf file to include the main domain, then the search for dragon does work.

However, I thought that the resolv.conf file is cannot be modified by the dhcp server when it's handing out IP address and giving dns/ntp/default domain info? I know I can specify the domain for the dhcp client when handing out IP address, but I don't believe I can specify which domain the client should search in (thus modifying the client's resolv.conf file) when it wants to do DNS resolve.

Last edited by speed12sil; 04-29-2013 at 04:01 PM.
 
Old 04-29-2013, 04:45 PM   #4
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 1,984

Rep: Reputation: 512Reputation: 512Reputation: 512Reputation: 512Reputation: 512Reputation: 512
It can be modified by dhclient when getting/configuring an interface. How much can be controlled by a dhclient.conf file.
 
Old 04-29-2013, 04:53 PM   #5
speed12sil
LQ Newbie
 
Registered: Apr 2013
Posts: 4

Original Poster
Rep: Reputation: Disabled
I'm getting confused here so...Is the dhclient.conf file used by the dhcp server to control the dhcp client, or is it changed locally on the client itself?
 
Old 04-29-2013, 05:44 PM   #6
speed12sil
LQ Newbie
 
Registered: Apr 2013
Posts: 4

Original Poster
Rep: Reputation: Disabled
I got my first question solved, got the forward option in named.conf working. And it would seem that if I use a Linux client to do search for "dragon", it can append acme.com in addition to lab.acme.com, as I want it. However, Windows client cannot do this multiple domain auto append, and must have the full domain name spelled out to properly resolve.

Interesting...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
DNS server for new domain helpmhost Linux - Networking 2 08-07-2009 03:28 PM
Want new domain to act as alias for current domain: email, dns, etc. cotton213 Linux - Server 3 07-01-2008 03:11 PM
DNS http:domain.com resolve to www.domain.com keysorsoze Linux - Networking 3 02-12-2007 03:03 AM
Traceroute, Ping, Domain Name Server (DNS) Lookup, WHOIS, and DNS Records Lookup netoknet General 1 05-09-2005 03:43 AM
DNS multiple domain question jmcrtp Linux - Networking 0 02-09-2002 09:55 PM


All times are GMT -5. The time now is 03:30 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration