Print

[kroerig]

Hello,

I try to add a subdomain for use with dynamic DNS. I delegated a subdomain to HE DNS server, but I cannot add it.

Code: [Select]

kroerig@hosting01:~$ dig NS dynamic.roerig-it.com

; <<>> DiG 9.8.1-P1 <<>> NS dynamic.roerig-it.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43974
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;dynamic.roerig-it.com.         IN      NS

;; ANSWER SECTION:
dynamic.roerig-it.com.  86400   IN      NS      ns5.he.net.
dynamic.roerig-it.com.  86400   IN      NS      ns4.he.net.
dynamic.roerig-it.com.  86400   IN      NS      ns2.he.net.
dynamic.roerig-it.com.  86400   IN      NS      ns3.he.net.
dynamic.roerig-it.com.  86400   IN      NS      ns1.he.net.

;; Query time: 129 msec
;; SERVER: 213.133.99.99#53(213.133.99.99)
;; WHEN: Fri May 17 12:12:51 2013
;; MSG SIZE  rcvd: 117
Error message:

Zone failed validation test. ERROR: Delegation was not found. Please delegate to ns1, ns2, ns3, ns4 and ns5.he.net then retry. (roerig-it.com / dynamic.roerig-it.com).

Bug or works as designed?

Klaus

[kasperd]

Bug or works as designed?

I think your delegation configuration looks strange. You do have NS records for the subdomain, but ns1.roerig-it.net and ns2.roerig-it.net still consider themselves authoritative for the subdomain.

So when trying to lookup random.dynamic.roerig-it.com, the following happens:

• The gtld servers, which are authoritative for com delegates to ns1.roerig-it.net and ns2.roerig-it.net.
• Recursive resolver queries ns1.roerig-it.net or ns2.roerig-it.net.
• nsx.roerig-it.net. does not delegate to HE, but instead replies with an authoritative NXDOMAIN response.

When doing dig -t any dynamic.roerig-it.com I get a response with not just your NS records, but also a SOA record indicating ns1.roerig-it.net. is authoritative. Maybe you need to fix that SOA record, to make it work.