<br>On Tue, Jun 28, 2011 at 1:39 AM, umiotoko <span dir="ltr"><<a href="mailto:john.seaman@intusurg.com">john.seaman@intusurg.com</a>></span> wrote:<br><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
myhost IN CNAME myhost.newsubzone.mydomain.tld</blockquote><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<br>
newsubzone IN NS ns1.myotherdomain.tld<br>
newsubzone IN NS ns2.myotherdomain.tld<br>
<br>
--- End snippet ---<br>
<br>
My reading of bind documentation seems to show that when delegating a<br>
subzone to an external server we need glue host (A) records for the subzone<br>
nameservers (example below).<br>
<br>
-- Question - do we need A records for the external DNS servers like this ?<br>
-----------<br>
ns1.myotherdomain.tld IN A 10.1.0.100<br>
ns2.myotherdomain.tld IN A 10.1.0.150<br></blockquote><div><br></div><div>You only need glue records if the names for the nameservers you delegate to are within the scope of the subdomain you're trying to erect.</div>
<div>As ns(1|2).myotherdomain.tld are completely outside the scope of newsubzone.mydomain.tld you do not need any glue records there.</div><div><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Does this sound accurate ? I don't have the entire zone file, and I don't<br>
know how exactly they host it, so I understand this is incomplete<br>
information. My snippet doesn't have trailing dots either, so I'm going to<br>
guess they host in a DB.<br></blockquote><div><br></div><div>Yes, that sounds likely. </div><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
When I do a dig to my DNS providers NS, I get the following:<br>
<br>
C:\>dig @<a href="http://ns1.mydnsprovider.net" target="_blank">ns1.mydnsprovider.net</a><br>
<br>
; <<>> DiG 9.3.2 <<>> @<a href="http://ns1.mydnsprovider.net" target="_blank">ns1.mydnsprovider.net</a> myhost.mydomain.tld<br>
; (1 server found)<br>
;; global options: printcmd<br>
;; Got answer:<br>
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 708<br>
;; flags: qr rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0<br>
<br>
;; QUESTION SECTION:<br>
;myhost.mydomain.tld. IN A<br>
<br>
;; ANSWER SECTION:<br>
myhost.mydomain.tld. 3600 IN CNAME myhost.newsubzone.mydomain.tld.<br>
<br>
;; AUTHORITY SECTION:<br>
newsubzone.mydomain.tld. 3600 IN NS ns1.myotherdomain.tld.<br>
newsubzone.mydomain.tld. 3600 IN NS ns2.myotherdomain.tld.<br>
<br>
;; Query time: 14 msec<br>
;; SERVER: x.x.x.x#53(x.x.x.x)<br>
;; WHEN: Mon Jun 27 16:27:20 2011<br>
;; MSG SIZE rcvd: 108</blockquote><div><br></div><div>When specifying a host to ask dig will only present you with what that host replies.</div><div>The host you queried is probably authoritative only and will not recurse for you.</div>
<div>Try if querying @<a href="http://8.8.8.8">8.8.8.8</a> returns an A record and if +trace walks all the way through.</div><div>If you can ping myhost.mydomain.tld it should all be well. Ping will use the gethostbyname function of your libc which (usually) queries a recursive nameserver </div>
</div><br><div> Stefan</div>