[SOLVED] configure sub domain failed.

windbadboy · 01-25-2014, 08:10 PM

$TTL 86400
@ IN SOA 13hospital.cn. ns.13hospital.cn. (
2014010000
10800
3600
604800
0
)

@ IN NS ns.13hospital.cn.
ns IN A 172.24.28.6
mail IN A 172.24.28.206
www IN A 172.24.28.206
sub IN NS ns.sub.13hospital.cn.
ns.sub IN A 172.24.28.14
the above is my zone file.Named can resolve www.13hospital.cn normally:

[root@ns /var/named/chroot/var/named]# nslookup www.13hospital.cn
Server: 172.24.28.6
Address: 172.24.28.6#53

Name: www.13hospital.cn
Address: 172.24.28.206

but when I tried to resolve ns.sub.13hospital.cn,it went wrong like this:

[root@ns /var/named/chroot/var/named]# nslookup ns.sub.13hospital.cn
Server: 172.24.28.6
Address: 172.24.28.6#53

Non-authoritative answer:
Name: ns.sub.13hospital.cn
Address: 211.98.70.194

if it works,the ip address which be resolved should be 172.24.28.14,I used wirkshark to capture some packets,I found named sent the dns request to my higher level DNS Server.

09:51:24.212900 IP 172.24.28.6.25573 > 211.98.4.1.53: 24629+ [1au] A? ns.sub.13hospital.cn. (49)
0x0000: 4500 004d 7148 0000 4011 69d6 ac18 1c06 E..MqH..@.i.....
0x0010: d362 0401 63e5 0035 0039 ddcd 6035 0100 .b..c..5.9..`5..
0x0020: 0001 0000 0000 0001 026e 7303 7375 620a .........ns.sub.
0x0030: 3133 686f 7370 6974 616c 0263 6e00 0001 13hospital.cn...
0x0040: 0001 0000 2910 0000 0080 0000 00 ....)........
09:51:24.702608 IP 211.98.4.1.53 > 172.24.28.6.25573: 24629 1/1/1 A 211.98.70.194 (129)
0x0000: 4500 009d 0120 4000 f811 e1ad d362 0401 E.....@......b..
0x0010: ac18 1c06 0035 63e5 0089 b096 6035 8180 .....5c.....`5..
0x0020: 0001 0001 0001 0001 026e 7303 7375 620a .........ns.sub.
0x0030: 3133 686f 7370 6974 616c 0263 6e00 0001 13hospital.cn...
0x0040: 0001 c00c 0001 0001 0000 0e10 0004 d362 ...............b
0x0050: 46c2 c013 0006 0001 0000 0010 0034 046e F............4.n
0x0060: 7331 3308 7869 6e63 6163 6865 0363 6f6d s13.xincache.com
0x0070: 000a 686f 7374 6d61 7374 6572 c047 7754 ..hostmaster.GwT
0x0080: bf5e 0000 0e10 0000 0384 000a fc80 0000 .^..............
0x0090: 0e10 0000 2910 0000 0080 0000 00 ....)........

How could it be,and how to solve it？ thanks in advance.

Ser Olmy · 01-25-2014, 08:37 PM

Your server ends up forwarding the query to an external server, so it obviously doesn't interpret the zone file as you intended.

Have you tried putting an $ORIGIN statement before the glue records instead? Like this:

Code:

$TTL 86400
@ IN SOA 13hospital.cn. ns.13hospital.cn. (
                                            2014010000
                                            10800
                                            3600
                                            604800
                                            0
                                           )

@       IN      NS      ns.13hospital.cn.
ns      IN      A       172.24.28.6
mail    IN      A       172.24.28.206
www     IN      A       172.24.28.206

$ORIGIN sub.13hospital.cn.
@       IN      NS      ns.sub.13hospital.cn.
ns      IN      A       172.24.28.14

(In the future, please put text from configuration files inside [code] tags, as it makes it much easier to read.)

windbadboy · 01-25-2014, 10:31 PM

Thank you,Ser Olmy.

I have tried to do this,but it still don't work.

Code:

[root@ns /var/named/chroot/var/named]# cat 13hospital.cn.zone
$TTL 86400
@ IN SOA 13hospital.cn. ns.13hospital.cn. (
                               2014010000
                               10800
                               3600
                               604800
                               0
                                       )
@       IN      NS      ns.13hospital.cn.
ns      IN      A       172.24.28.6
mail    IN      A       172.24.28.206
www     IN      A       172.24.28.206
$ORIGIN sub.13hospital.cn.
@       IN      NS      ns.sub.13hospital.cn.
ns      IN      A       172.24.28.206
[root@ns /var/named/chroot/var/named]# nslookup ns.sub.13hospital.cn
Server:         172.24.28.6
Address:        172.24.28.6#53

Non-authoritative answer:
Name:   ns.sub.13hospital.cn
Address: 211.98.70.194

[root@ns /var/named/chroot/var/named]#

it still forwards a external server to resolve,please help me to make a analysis.

---------- Post added 01-25-14 at 11:32 PM ----------

I have restarted named service.

Ser Olmy · 01-25-2014, 11:11 PM

Strange, as I tried doing the same with a local domain here, and got it to work.

I followed this tutorial. Perhaps I missed something.

windbadboy · 01-25-2014, 11:40 PM

Quote:

Originally Posted by Ser Olmy

Strange, as I tried doing the same with a local domain here, and got it to work.

I followed this tutorial. Perhaps I missed something.

It works now,thank you man.

Code:

[root@ns /var/named/chroot/var/named]# cat 13hospital.cn.zone
$TTL 86400
@ IN SOA 13hospital.cn. ns.13hospital.cn. (
                               2014010000
                               10800
                               3600
                               604800
                               0
                                       )
@       IN      NS      ns.13hospital.cn.
ns      IN      A       172.24.28.6
mail    IN      A       172.24.28.206
www     IN      A       172.24.28.206
$ORIGIN sub.13hospital.cn.
sub.13hospital.cn       IN      NS      ns.sub.13hospital.cn.
ns.sub.13hospital.cn.   IN      A       172.24.28.14
[root@ns /var/named/chroot/var/named]# nslookup ns.sub.13hospital.cn
Server:         172.24.28.6
Address:        172.24.28.6#53

Name:   ns.sub.13hospital.cn
Address: 172.24.28.14

I just removed "@ IN NS ns.sub.13hospital.cn."，and works.I deem the '@' may be ambiguous.

Ser Olmy · 01-25-2014, 11:46 PM

Quote:

Originally Posted by windbadboy

It works now,thank you man.

You're very welcome.

Quote:

Originally Posted by windbadboy

I just removed "@ IN NS ns.sub.13hospital.cn."，and works.I deem the '@' may be ambiguous.

I can confirm that, as replacing the empty field with a "@" broke my test setup. Looks like the @ record isn't affected by the $ORIGIN statement.