LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
LinkBack Search this Thread
Old 11-04-2011, 03:49 AM   #1
Pete-L
LQ Newbie
 
Registered: Nov 2011
Posts: 13

Rep: Reputation: Disabled
BIND SOA Configuration on a Sub Domain


Hello,

I was hoping someone could help me solve this problem with BIND, SOAs and Sub Domains

I have the following domain

mydomain.co.uk
NS = ns1.provider.com
NS = ns2.provider.com
SOA = ns1.provider.com
A = ns1.mydomain.co.uk 1.1.1.1
A = ns2.mydomain.co.uk 2.2.2.2

I have created a subdomain -

subdom.mydomain.co.uk
NS = ns1.mydomain.co.uk
NS = ns2.mydomain.co.uk

A Records should be handled by ns1/2.mydomain.co.uk for the subdom.mydomain.co.uk and www.subdom.mydomain.co.uk

The problem is that when I do a lookup against subdom.mydomain.co.uk its not getting an authoritive answer as it seems to be getting the SOA from the root/parent domain (mydomain.co.uk)

I've been doing a bit of googling and saw some suggestions of using glue records but was told by my provider that Nominet doesnt support them.

Ultimatly my end goal is to not change anything in mydomain.co.uk (except adding records pointing to subdomains) and have subdom.mydomain.co.uk getting A records from ns1.mydomain.co.uk and ns2.mydomain.co.uk

I would post the zone files but I dont have access to them.

Any help much appreciated!

Pete
 
Old 11-04-2011, 04:58 AM   #2
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,772

Rep: Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294
Hi,

Unless it's a typo, you have a wrong SOA for your domain. It should be
Code:
mydomain.co.uk
NS = ns1.provider.com
NS = ns2.provider.com
SOA = mydomain.co.uk
A = ns1.mydomain.co.uk 1.1.1.1
A = ns2.mydomain.co.uk 2.2.2.2
Quote:
Ultimatly my end goal is to not change anything in mydomain.co.uk (except adding records pointing to subdomains) and have subdom.mydomain.co.uk getting A records from ns1.mydomain.co.uk and ns2.mydomain.co.uk
If I can understand well what you are trying to do, you need to add an $ORIGIN for the subdomain(s) in the mydomain.co.uk zone file. If you don't have access there is no other way to do what you're trying to accomplish.
Anyway, the zone file for the TLD, should look like this:
Code:
$TTL 86400
mydomain.co.uk.                 IN SOA  ns1.mydomain.co.uk. root.mydomain.co.uk. (
<--snipped usual SOA stuff-->
                                )
       NS ns1.provider.com.
       NS ns2.provider.com.
ns1.mydomain.co.uk. A 1.1.1.1
ns2.mydomain.co.uk A 2.2.2.2

$ORIGIN subdom.mydomain.co.uk.
      NS ns1.mydomain.co.uk. 
      NS ns2.mydomain.co.uk.
And configure ns1/2.mydomain.co.uk to do what you want (add A RRs for subdom.mydomain.co.uk, www.subdom.mydomain.co.uk etc)

Regards
 
Old 11-04-2011, 05:26 AM   #3
deep27ak
Senior Member
 
Registered: Aug 2011
Location: Bangalore, India
Distribution: rhel 5x,6.0,6.2, centOS 5x,6.0,6.2
Posts: 1,188
Blog Entries: 4

Rep: Reputation: 219Reputation: 219Reputation: 219
@bathory

The SOA should be

Code:
ns1.mydomain.co.uk
as you have mentioned in your example config.?
or
Code:
mydomain.co.uk
@Pete-L
This might help you

Code:
subdom.mydomain.co.uk
       IN  NS  ns1.mydomain.co.uk
       IN  NS  ns2.mydomain.co.uk
ns1    IN  A   1.1.1.1
ns2    IN  A   2.2.2.2
 
Old 11-04-2011, 05:32 AM   #4
Pete-L
LQ Newbie
 
Registered: Nov 2011
Posts: 13

Original Poster
Rep: Reputation: Disabled
Hi,

Thanks for the reply, I've spoken to my provider and they have given me the zone file.

Code:
$TTL 21600

@       IN      SOA     ns1.provider.com.       hostmaster.provider.com. (
<SNIP>

mydomain.co.uk.  21600    IN      NS      ns1.provider.com.
mydomain.co.uk.  21600    IN      NS      ns2.provider.com.
mydomain.co.uk.  21600    IN      NS      ns5.provider.com.
mydomain.co.uk.  21600    IN      NS      ns6.provider.com.
subdom 21600    IN      NS      ns1.mydomain.co.uk.
subdom 21600    IN      NS      ns2.mydomain.co.uk.

mydomain.co.uk.  21600   IN      A       3.3.3.3
www  21600   IN      A       3.3.3.3
ns2      IN      A       2.2.2.2
ns1      IN      A       1.1.1.1
Basically we are trying to use DNS load balancers (they serve the A Records) for the subdom.mydomain.co.uk while keeping the DNS management for the mydomain.co.uk with the provider and their web GUI. Would this be why the SOA is ns1.provider.com?

While I dont have direct access to the files to change myself I can specify changes to the provider and they can add them for me (they told me what I wanted to do wasnt possible, hence the post here as I found it hard to believe)

So from my understanding of what you're saying the zone file should look like (excluding the query regarding the root SOA)-

Code:
$TTL 21600

@       IN      SOA     ns1.provider.com.       hostmaster.provider.com. (
<SNIP>

mydomain.co.uk.  21600    IN      NS      ns1.provider.com.
mydomain.co.uk.  21600    IN      NS      ns2.provider.com.
mydomain.co.uk.  21600    IN      NS      ns5.provider.com.
mydomain.co.uk.  21600    IN      NS      ns6.provider.com.
subdom  21600    IN      NS      ns1.mydomain.co.uk.
subdom  21600    IN      NS      ns2.mydomain.co.uk.

mydomain.co.uk.  21600   IN      A       3.3.3.3
www  21600   IN      A       3.3.3.3
ns2      IN      A       2.2.2.2
ns1      IN      A       1.1.1.1

@ORIGIN subdom.mydomain.co.uk.
NS ns1.mydomain.co.uk
NS ns2.mydomain.co.uk
Many Thanks,
Pete

Last edited by Pete-L; 11-08-2011 at 10:37 AM. Reason: Clarification on the DNS Load Balancers
 
Old 11-04-2011, 05:45 AM   #5
deep27ak
Senior Member
 
Registered: Aug 2011
Location: Bangalore, India
Distribution: rhel 5x,6.0,6.2, centOS 5x,6.0,6.2
Posts: 1,188
Blog Entries: 4

Rep: Reputation: 219Reputation: 219Reputation: 219
Its really confusing me
but as per my knowledge there should be an A record pointing "ns"

Code:
@ORIGIN subdom.mydomain.co.uk.
       IN  NS  ns1.mydomain.co.uk
       IN  NS  ns2.mydomain.co.uk
ns1    IN  A   1.1.1.1
ns2    IN  A   2.2.2.2
You can always wait for the experts review
 
Old 11-04-2011, 05:48 AM   #6
Pete-L
LQ Newbie
 
Registered: Nov 2011
Posts: 13

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by deep27ak View Post
Its really confusing me
but as per my knowledge there should be an A record pointing "ns"

Code:
@ORIGIN subdom.mydomain.co.uk.
       IN  NS  ns1.mydomain.co.uk
       IN  NS  ns2.mydomain.co.uk
ns1    IN  A   1.1.1.1
ns2    IN  A   2.2.2.2
You can always wait for the experts review
Wouldnt that make it ns1.subdom.mydomain.co.uk and ns2.subdom.mydomain.co.uk if specified under the subdom.mydomain.co.uk?
 
Old 11-04-2011, 05:56 AM   #7
deep27ak
Senior Member
 
Registered: Aug 2011
Location: Bangalore, India
Distribution: rhel 5x,6.0,6.2, centOS 5x,6.0,6.2
Posts: 1,188
Blog Entries: 4

Rep: Reputation: 219Reputation: 219Reputation: 219
Quote:
Originally Posted by Pete-L View Post
Wouldnt that make it ns1.subdom.mydomain.co.uk and ns2.subdom.mydomain.co.uk if specified under the subdom.mydomain.co.uk?
The name server which is mentioned is pointing to
Code:
NS ns1.mydomain.co.uk
So how will it take
Code:
subdom.mydomain.co.uk?
But as I said you can wait for an expert's advice before making any changes
 
Old 11-04-2011, 06:05 AM   #8
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,772

Rep: Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294
@deep27ak, @Pete-L

Don't be confused from the SOA word in the first line of a SOA record. The SOA RR is the whole stuff from the TTL to the closing ")". In the line
Quote:
@ IN SOA ns1.provider.com. hostmaster.provider.com. (
there is the @ (or the ORIGIN, i.e. the domain), the authoritative nameserver and the admin's email, so the above is correct.

Quote:
Thanks for the reply, I've spoken to my provider and they have given me the zone file.

$TTL 21600

@ IN SOA ns1.provider.com. hostmaster.provider.com. (
<SNIP>

mydomain.co.uk. 21600 IN NS ns1.provider.com.
mydomain.co.uk. 21600 IN NS ns2.provider.com.
mydomain.co.uk. 21600 IN NS ns5.provider.com.
mydomain.co.uk. 21600 IN NS ns6.provider.com.
subdom 21600 IN NS ns1.mydomain.co.uk.
subdom 21600 IN NS ns2.mydomain.co.uk.


mydomain.co.uk. 21600 IN A 3.3.3.3
www 21600 IN A 3.3.3.3
ns2 IN A 2.2.2.2
ns1 IN A 1.1.1.1
In the above zone file, the lines in bold are the same as if you use the $ORIGIN, so you don't need both. But it's good practice to keep the domain and the subdomain(s) that are to be managed by a different dns, separated. So better use:
Code:
$TTL 21600

@       IN      SOA     ns1.provider.com.       hostmaster.provider.com. (
<SNIP>

mydomain.co.uk.  21600    IN      NS      ns1.provider.com.
mydomain.co.uk.  21600    IN      NS      ns2.provider.com.
mydomain.co.uk.  21600    IN      NS      ns5.provider.com.
mydomain.co.uk.  21600    IN      NS      ns6.provider.com.

www  21600   IN      A       3.3.3.3
ns2      IN      A       2.2.2.2
ns1      IN      A       1.1.1.1

subdom 21600    IN      NS      ns1.mydomain.co.uk.
subdom 21600    IN      NS      ns2.mydomain.co.uk.
 
Old 11-04-2011, 07:58 AM   #9
Pete-L
LQ Newbie
 
Registered: Nov 2011
Posts: 13

Original Poster
Rep: Reputation: Disabled
Hmmm strange so it looks like its configured ok then as this is what is currently configured (if a little untidy) -

Code:
$TTL 21600

@ IN SOA ns1.provider.com. hostmaster.provider.com. (
<SNIP>

mydomain.co.uk. 21600 IN NS ns1.provider.com.
mydomain.co.uk. 21600 IN NS ns2.provider.com.
mydomain.co.uk. 21600 IN NS ns5.provider.com.
mydomain.co.uk. 21600 IN NS ns6.provider.com.
subdom 21600 IN NS ns1.mydomain.co.uk.
subdom 21600 IN NS ns2.mydomain.co.uk.

mydomain.co.uk. 21600 IN A 3.3.3.3
www 21600 IN A 3.3.3.3
ns2 IN A 2.2.2.2
ns1 IN A 1.1.1.1
When I do the following

Code:
nslookup
server=8.8.8.8 (google dns)
subdom.mydomain.co.uk
it doesnt return any results

however when I do

Code:
nslookup
server=ns1.mydomain.co.uk
subdom.mydomain.co.uk
it returns -

Name: subdom.mydomain.co.uk
Address: 5.5.5.5
 
Old 11-04-2011, 08:32 AM   #10
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,772

Rep: Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294
Quote:
nslookup
server=ns1.mydomain.co.uk
subdom.mydomain.co.uk

it returns -

Name: subdom.mydomain.co.uk
Address: 5.5.5.5
I don't see any A RR for subdom.mydomain.co.uk. Is this the correct IP?
What give the following:
Code:
dig ns mydomain.co.uk
dig ns subdom.mydomain.co.uk
 
Old 11-04-2011, 08:36 AM   #11
deep27ak
Senior Member
 
Registered: Aug 2011
Location: Bangalore, India
Distribution: rhel 5x,6.0,6.2, centOS 5x,6.0,6.2
Posts: 1,188
Blog Entries: 4

Rep: Reputation: 219Reputation: 219Reputation: 219
Quote:
Originally Posted by Pete-L View Post
Hmmm strange so it looks like its configured ok then as this is what is currently configured (if a little untidy) -

Code:
$TTL 21600

@ IN SOA ns1.provider.com. hostmaster.provider.com. (
<SNIP>

mydomain.co.uk. 21600 IN NS ns1.provider.com.
mydomain.co.uk. 21600 IN NS ns2.provider.com.
mydomain.co.uk. 21600 IN NS ns5.provider.com.
mydomain.co.uk. 21600 IN NS ns6.provider.com.
subdom 21600 IN NS ns1.mydomain.co.uk.
subdom 21600 IN NS ns2.mydomain.co.uk.

mydomain.co.uk. 21600 IN A 3.3.3.3
www 21600 IN A 3.3.3.3
ns2 IN A 2.2.2.2
ns1 IN A 1.1.1.1
When I do the following

Code:
nslookup
server=8.8.8.8 (google dns)
subdom.mydomain.co.uk
it doesnt return any results

however when I do

Code:
nslookup
server=ns1.mydomain.co.uk
subdom.mydomain.co.uk
it returns -

Name: subdom.mydomain.co.uk
Address: 5.5.5.5
also post the output of

Code:
#dig -x 1.1.1.1
#dig -x 2.2.2.2
 
Old 11-04-2011, 11:30 AM   #12
Pete-L
LQ Newbie
 
Registered: Nov 2011
Posts: 13

Original Poster
Rep: Reputation: Disabled
@bathory

"dig ns mydomain.co.uk" gives
Code:
mydomain.co.uk.	21600	IN	NS	ns6.provider.com.
mydomain.co.uk.	21600	IN	NS	ns1.provider.com.
mydomain.co.uk.	21600	IN	NS	ns5.provider.com.
mydomain.co.uk.	21600	IN	NS	ns2.provider.com.

;; ADDITIONAL SECTION:
ns1.provider.com.	13490	IN	A	200.200.200.200
ns2.provider.com.	13490	IN	A	200.200.200.201
"dig ns subdom.mydomain.co.uk" gives
Code:
subdom.mydomain.co.uk.	21600	IN	NS	ns2.mydomain.co.uk.
subdom.mydomain.co.uk.	21600	IN	NS	ns1.mydomain.co.uk.

;; ADDITIONAL SECTION:
ns1.mydomain.co.uk.	21600	IN	A	1.1.1.1
ns2.mydomain.co.uk.	21600	IN	A	2.2.2.2
@deep27ak

"dig -x 1.1.1.1" gives
Code:
;; ANSWER SECTION:
1.1.1.1.in-addr.arpa. 28800 IN	PTR	ns1.mydomain.co.uk.

;; AUTHORITY SECTION:
1.1.1.in-addr.arpa. 28800	IN	NS	1.isp.com.
1.1.1.in-addr.arpa. 28800	IN	NS	2.isp.com.

;; ADDITIONAL SECTION:
1.isp.com.		13323	IN	A	50.50.50.50
2.isp.com.		13323	IN	A	50.50.50.51
"dig -x 2.2.2.2" gives
Code:
2.2.2.2.in-addr.arpa. 86400 IN	PTR	ns2.mydomain.co.uk.

;; AUTHORITY SECTION:
2.2.2.in-addr.arpa. 86400	IN	NS	1.isp2.co.uk.
2.2.2.in-addr.arpa. 86400	IN	NS	2.isp2.co.uk.

;; ADDITIONAL SECTION:
1.isp2.co.uk.	86400	IN	A	60.60.60.60
2.isp2.co.uk.	86400	IN	A	60.60.60.61
Cheers folks
 
Old 11-04-2011, 04:17 PM   #13
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,772

Rep: Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294
So, it works.
From the 2 dig outputs, ns1/2/5/6.provider.com are the authoritative nameservers for mydomain.co.uk and ns1/2.mydomain.co.uk are the authoritative nameservers for subdom.mydomain.co.uk.
Now you need to configure the zone file(s) in ns1/2.mydomain.co.uk to add the A RRs for www.subdom.mydomain.co.uk and so on.

Regards
 
Old 11-07-2011, 05:19 PM   #14
Pete-L
LQ Newbie
 
Registered: Nov 2011
Posts: 13

Original Poster
Rep: Reputation: Disabled
@bathory

The A records are handled by the load balancers, would this say to you that they arent serving the correct records when ns1/2.mydomain.co.uk gets queried?

Best Regards,
Pete
 
Old 11-08-2011, 12:15 AM   #15
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,772

Rep: Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294
Quote:
The A records are handled by the load balancers, would this say to you that they arent serving the correct records when ns1/2.mydomain.co.uk gets queried?
By load balancers, you mean ns1/2.mydomain.co.uk?
If so, then yes, they should answer authoritatively when queried for subdom.mydomain.co.uk and hosts in that subdomain. Try some queries using dig an see if you get the correct answers:
Code:
dig subdom.mydomain.co.uk
dig +trace subdom.mydomain.co.uk
dig www.subdom.mydomain.co.uk
Regards
 
  


Reply

Tags
bind, dns, subdomain


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
BIND SOA Configuration on a Sub Domain Pete-L Linux - Server 0 11-03-2011 12:19 PM
BIND SOA - Refresh Retry Expire Attributes WORKING --- Query harmandeep Linux - Server 0 10-05-2011 06:34 AM
[SOLVED] SOA for nameserver can't be retrieved, possible port or BIND misconfiguration craseal Linux - Server 2 08-24-2010 07:08 PM
domain-name in isp soa - howto use for email..? captain skywave Linux - Networking 5 08-12-2005 05:36 PM
BIND - SOA record not at top of zone granny Linux - Networking 3 10-29-2004 09:28 AM


All times are GMT -5. The time now is 08:06 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration