[nsd-users] NSD, subdomains, and DS records
W.C.A. Wijngaards
wouter at nlnetlabs.nl
Mon Jan 16 14:56:20 UTC 2017
Hi PG,
NSD parses the zone to find zonecuts with the NS records. This is what
triggers DS record special processing later on. The NS records from
sub.zone.com are missing from the zone.com zonefile, i.e.
sub.zone.com. IN NS localhost.
Yes your instinct is correct, but it has special processing for the DS
record for sub.zone.com; which has to be in the 'zone.com' zonefile, by
the way.
Best regards, Wouter
On 16/01/17 15:48, Ascendant Technologies wrote:
> Hello!
>
> Possibly a newbie error, but one I've been fighting with long enough to
> reach out.
>
> Start with blank 4.1.10 installation, create a zone "zone.com", populate
> with a DS
> record (created with ldns-key2ds) for "sub.zone.com".
>
> Running "host -t ds zone.com localhost" returns correct record.
>
> Now add a zone record for "sub.zone.com" in "nsd.conf" and while the
> subdomain
> records are properly returned, the DS record no longer is. Remove the
> zone entry
> alone, and the DS record returns (no change to parent zone).
>
> My instinct says as soon as NSD finds zone entry for "sub.zone.com" it
> obviates
> parsing by the parent, thus hiding the DS record.
>
> I'll try any suggestions, so fire away.
>
> Thanks bunches
>
> pg
>
>
>
>
> _______________________________________________
> nsd-users mailing list
> nsd-users at NLnetLabs.nl
> https://open.nlnetlabs.nl/mailman/listinfo/nsd-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.nlnetlabs.nl/pipermail/nsd-users/attachments/20170116/fabdab6f/attachment.bin>
More information about the nsd-users
mailing list