Okay, my first post, and it's a long one...
Our company needs to set up two DNS servers such that one would deal with the main domain DNS resolves, and the other deal with the sub-domain resolves.
The main domain is:
acme.com
and the sub-domain
lab.acme.com
The main domain DNS server runs Microsoft server with DNS service enabled, and the sub-domain DNS server is a Red Hat Linux. The main domain DNS server seems to be able to delegate searches for "lab" to the sub-domain server correctly, such that all searches for servers that reside in the sub-domain, e.g. server-1.lab.acme.com, can be resolved via this hand-off.
The two problems I have right now are that
1) The Linux DNS server does not seem to be able to forward main domain queries received from users in "lab" to the MS DNS server.
Edit: named.conf with correct forwarding configured fixes this issue.
2) Searches for the devices in the main domain must be typed out in full.
So for example, if I want to resolve a server called "dragon" in the main domain:
dragon.acme.com
I cannot just type "dragon" and have DNS resolve it to dragon.acme.com. I must type in the full name to get it to resolve.
Is it even possible to have DNS fall back to the main domain and append the path once the sub-domain search comes up empty, or is it not intelligent enough to do this kind of search?
Edit: Problem two revised to reflect current situation, simplified by having only one DNS specified in dhcpd.conf.
Below is the named.conf:
Code:
options {
    listen-on port 53 { any; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { localhost; any; };
    recursion yes;
    // forward only;
    // forwarders { 10.1.10.30;};
    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;
    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
};

logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

zone "." IN {
    type hint;
    file "named.ca";
};

zone "acme.com" {
    type forward;
    forward only;
    forwarders { 10.1.1.2; };
    //main domain DNS server IP
};

zone "lab.acme.com" {
    type master;
    allow-query { any; };
    file "lab.acme.com.zone";
};
and this is the zone file for lab.acme.com:
Code:
$TTL 1D
$ORIGIN lab.acme.com.
@           IN  SOA ns1.lab.acme.com. admin.lab.acme.com. (
                    0       ; serial
                    2h      ; refresh
                    15m     ; retry
                    604800  ; expire
                    86400   ; minimum
                    )
            IN  NS  ns1
            IN  NS  dc1
;NS specifically reserved for name-server use, points to the name-server IP address, in this case it points to the pointer, which is ns1
ns1         IN  A   10.1.5.2
dc1         IN  A   10.1.1.2
server-1    IN  A   10.1.5.1
server-2    IN  A   10.1.5.2
;server for testing DNS
Thanks to all for answering this. I am pulling my hair out, and I've searched Google and Linux Questions already so...
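Added example, not part of the original post: the short-name fallback asked about in problem 2 is done by the client's stub resolver through its search list (the `search` line in resolv.conf), not by the DNS server. The sketch below models glibc-style search-list expansion using the names from the post; the record table and the address for `dragon` are constructed placeholders.

```python
# Constructed records standing in for what the two DNS servers would answer.
RECORDS = {
    "server-1.lab.acme.com.": "10.1.5.1",
    "server-2.lab.acme.com.": "10.1.5.2",
    "dragon.acme.com.": "192.0.2.10",  # placeholder address, not from the post
}


def candidates(name, search, ndots=1):
    """Return the FQDNs a glibc-style stub resolver queries, in order."""
    if name.endswith("."):
        # A trailing dot marks the name as absolute: the search list is skipped.
        return [name]
    absolute = name + "."
    suffixed = [f"{name}.{domain.rstrip('.')}." for domain in search]
    # A name with at least `ndots` dots is tried as typed first, then with each
    # search domain; a shorter name gets the search domains first.
    if name.count(".") >= ndots:
        return [absolute] + suffixed
    return suffixed + [absolute]


def resolve(name, search, ndots=1, records=RECORDS):
    """Walk the candidates; return (fqdn, address, queries_sent)."""
    sent = []
    for fqdn in candidates(name, search, ndots):
        sent.append(fqdn)
        if fqdn in records:
            return fqdn, records[fqdn], sent
    return None, None, sent


if __name__ == "__main__":
    # Search list with only the sub-domain: "dragon" is never tried in acme.com.
    print(resolve("dragon", ["lab.acme.com"]))
    # Both domains listed: the second candidate, dragon.acme.com., answers.
    print(resolve("dragon", ["lab.acme.com", "acme.com"]))
    # Names in the sub-domain still resolve on the first query.
    print(resolve("server-1", ["lab.acme.com", "acme.com"]))
```

With `search lab.acme.com acme.com` on the client, `dragon` costs one extra query (the miss in lab.acme.com) before it resolves in the main domain.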