LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 01-05-2005, 06:03 PM   #1
greyhammer
LQ Newbie
 
Registered: Jan 2005
Posts: 15

Rep: Reputation: 0
Nameserver on different domain?


Hello all.

I'm setting up my own DNS using BIND 9. Now the problem lies in this - I've set up the first nameserver on my own domain, but the secondary nameserver is not on my domain! So this is how my zone file reads: say example.com is my domain...

$ORIGIN example.com.
$TTL 86400

@ IN SOA ns.example.com. root.example.com. (
2005010601 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN A 11.22.33.44
IN NS ns.example.com.
IN NS dns1.other.com.
IN MX 10 ns.example.com.

ns IN A 11.22.32.44

NOW, how do I add the A record for the dns1.other.com. hostname? If I don't then is there a hassle as such? Because the root servers will know what the A record for the secondary nameserver is, so I should be in the clear even if I don't specify the IP for the secondary nameserver - right??

Thanks
 
Old 01-05-2005, 08:01 PM   #2
scowles
Member
 
Registered: Sep 2004
Location: Texas, USA
Distribution: Fedora
Posts: 620

Rep: Reputation: 31
Bind/named will not allow you to add an address record that is outside the SOA for that zone. In fact, you would see an error logged (out-of-zone data) when named starts stating that dns1.other.com is invalid and being ignored.

So the way you have your zone file listed is correct.
 
Old 01-06-2005, 04:30 AM   #3
greyhammer
LQ Newbie
 
Registered: Jan 2005
Posts: 15

Original Poster
Rep: Reputation: 0
Well, I see what you say, but I'm curious - how do ISPs maintain SOAs for different domains though their nameservers are sitting on their own domains?

I mean, how does,

dns1.isp.com maintain an SOA for mydomain.com?

More than midly curious,
Thanks!
 
Old 01-06-2005, 06:24 AM   #4
greyhammer
LQ Newbie
 
Registered: Jan 2005
Posts: 15

Original Poster
Rep: Reputation: 0
I mean, how do I provide the glue for the nameservers not on my domain - or is that not possible??
 
Old 01-06-2005, 06:48 AM   #5
scowles
Member
 
Registered: Sep 2004
Location: Texas, USA
Distribution: Fedora
Posts: 620

Rep: Reputation: 31
Quote:
Originally posted by greyhammer
I mean, how does, dns1.isp.com maintain an SOA for mydomain.com?

More than midly curious,
Thanks!
Your question is confusing, but I think I understand what you are asking

A DNS server can only be authoritative for the zones it loads, but it can answer queries for other domains (like yahoo.com), but it is NOT authoritaive for yahoo.com. It simply caches the results for future queries.

Example:
Code:
C:\>nslookup
Default Server:  ns1.mydomain.com
Address:  192.168.9.4

> www.mydomain.com
Server:  ns1.mydomain.com
Address:  192.168.9.4

Name:    www.mydomain.com
Address:  192.168.9.2

> www.yahoo.com
Server:  ns1.mydomain.com
Address:  192.168.9.4

Non-authoritative answer:
Name:    www.yahoo.akadns.net
Addresses:  68.142.226.34, 68.142.226.48, 68.142.226.53, 68.142.226.46
          68.142.226.33, 68.142.226.39, 68.142.226.36, 68.142.226.45
Aliases:  www.yahoo.com
A couple of things to notice about the above:
1) The query for www.mydomain.com was authoritative - meaning that the zone for mydomain.com is loaded on my DNS server.

2) The query for www.yahoo.com was answered by my DNS server, but the reply was non-authoritative. Meaning that my DNS server does not load the yahoo.com zone file. It had to first goto the root name servers to find the SOA for yahoo.com and then query yahoo's name server (which is authoritative) to finally return the answer. In DNS terminology, this is called recursion.

A good example of recursion can be demonstrated by using dig's trace option. Example:
# dig +trace www.yahoo.com a

BTW: Your ISP's name server works in the same way. Although they probably have separate DNS servers. One's that are authoritative for their domains and others that are configured as caching-only. The caching only servers do not load any authoritative zones and are typically queried by their customer base. i.e. resolv.conf points to these caching only servers.
 
Old 01-06-2005, 07:31 AM   #6
scowles
Member
 
Registered: Sep 2004
Location: Texas, USA
Distribution: Fedora
Posts: 620

Rep: Reputation: 31
Quote:
Originally posted by greyhammer
I mean, how do I provide the glue for the nameservers not on my domain - or is that not possible??
You don't add glue records (address records) for the name servers which are outside your SOA. The root name servers will return the other.com records mentioned in your example.

The zone file you posted is correct. List both name servers (NS records), but only the glue records that your server is authoritative for.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
which is my nameserver. bruse Linux - Networking 3 07-16-2005 01:45 AM
bought domain name, trying to configure nameserver edschurr Linux - General 2 02-19-2005 05:09 PM
Creating nameserver to resolve purchased domain to my computer techrolla Linux - Networking 11 07-30-2004 02:49 PM
change nameserver domain on ssh ? maxboost Linux - Networking 1 10-07-2003 11:57 PM
Need help with a domain / nameserver problem jfall Linux - Networking 9 10-09-2002 05:33 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 02:10 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration