• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.


SubDomain Setup

Started by deadclown, May 09, 2018, 06:56:49 AM



This is probably very simple, but how do I create a subdomain for a domain I already use dns.he.net for?
I want to host the subdomain's DNS here as well and this is something I can do in BIND, but am unsure of how to configure it using the interface here.

Thank you for your time


As far as I know, there's nothing special about creating a sub-domain here.  Then again, I have all my domains here as secondary/slave to my co-located server which is the primary name server.

I have not addressed how to create a sub-domain (or DNS sub-zone) in general.  If that is your true question, there are plenty of resources on the Internet to show you how.....


I've just done it successfully with one of my domains.  If your domain is example.com and the subdomain is foo.example.com, first create NS records within your example.com zone like so:

foo.example.com.      86400 IN NS ns1.he.net.
foo.example.com.      86400 IN NS ns2.he.net.
foo.example.com.      86400 IN NS ns3.he.net.
foo.example.com.      86400 IN NS ns4.he.net.
foo.example.com.      86400 IN NS ns5.he.net.

You will then need to wait 10 mins for HE nameservers to catch up, then 'Add a new domain' from the menu and enter 'foo.example.com'.


I tried to add a subdomain to dns.he.net. I created NS records within main domain like ipv6.mydomain.net IN NS ns1.he.net (ns2 so far), clicked "Add a new domain", entered "ipv6.mydomain.net" and got "delegation was not found, delegate to ns1...ns5.dns.he.net" error message. Maybe dns.he.net requires second-level domain delegation only?


Did you delegate your domain to be managed by HE's NS servers? You can't just delegate only a subdomain...


Quote from: tjeske on December 09, 2018, 06:18:33 PM
Did you delegate your domain to be managed by HE's NS servers? You can't just delegate only a subdomain...
Why can't you delegate just some sub-domain to HE DNS? It worked one month ago!


I'm having problems setting this up too. I kept adding a subdomain lan.polishpaul.net but I keep getting an error:

Zone failed validation test. ERROR: Delegation was not found. Please delegate to ns1, ns2, ns3, ns4 and ns5.he.net then retry. (polishpaul.net / lan.polishpaul.net).

Eventually this worked! I'm not sure what helped, but I was still in the process of moving the main domain polishpaul.net from my old host, so I pointed the delegation back to the "old" DNS servers, which had an SOA record for this sub-domain. Perhaps that's what allowed the creation? Not sure...

I must have tried adding this a few dozen times while experimenting and eventually it worked and now I have an SOA in he.net and this subdomain works fine.

However, I cannot get this to work for any other domains (they never had any subdomains). I have NS records created in the main domain, for example polishpaul.org, but I still cannot create any subdomains...

So what is the proper way to do this? Is this documented anywhere in a wiki?



In short:
1. Just add the subdomains in the apex zone.
2. Make sure you do NOT have NS records for your subdomain in the apex zone.

Support said:
"In general, there's no need to create a zone for a subdomain.  The zone for the apex domain can contain records for subdomains, sub-subdomains, etc."
But then
"Actually, I have to correct myself: while you can use the method I described to add a subdomain's zone, this results in undefined behavior.  RFC dictates that nameservers not delegate subdomains to themselves.  Sometimes it works, sometimes it doesn't.  Right now you're getting "BAD (HORIZONTAL) REFERRAL" results, which is a common consequence."

So I wondered, why are my subdomains not resolving? It's because I had the subdomain NS records set up in the apex zone!!! Once I removed my NS records (for lan.polishpaul.net, or the subdomain I wanted to add) my records started to resolve!


Technically, you do need NS records in the parent zone for the child zone, but when both zones are hosted on the same name servers, DNS programs generally shortcut the lookup through the parent and directly serve the child.  If the parent and child zones are on different servers, the NS records for the child are required in the parent zone for the former to be found.

In my zones, I do delegate even when both zones are on the same servers, and it works without error -- as it should.  NS records are meant to be in both the zones they define and that zone's parent.
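
The cases debated in this thread (no NS records for the subdomain, NS records pointing at the same servers that host the parent, and NS records pointing at different servers) can be told apart from the parent zone's contents. The following is an added example, not part of any post and not Hurricane Electric's code; the zone text is constructed, the function names are hypothetical, and it assumes fully qualified `owner ttl IN NS target` lines.

```python
# Added example: classify how a subdomain is delegated inside its parent zone.
# PARENT_ZONE is constructed sample data modelled on the records in the thread;
# bar.example.com and ns1.other-dns.example are made-up names.
PARENT_ZONE = """\
example.com.      86400 IN NS ns1.he.net.
example.com.      86400 IN NS ns2.he.net.
foo.example.com.  86400 IN NS ns1.he.net.
foo.example.com.  86400 IN NS ns2.he.net.
bar.example.com.  86400 IN NS ns1.other-dns.example.
www.example.com.  86400 IN A  192.0.2.10
"""


def fqdn(name):
    """Lower-case a name and make sure it ends with the root dot."""
    name = name.strip().lower()
    return name if name.endswith(".") else name + "."


def ns_sets(zone_text):
    """Map owner name -> set of NS targets from 'owner ttl IN NS target' lines."""
    owners = {}
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop ';' comments
        if len(fields) == 5 and fields[2].upper() == "IN" and fields[3].upper() == "NS":
            owners.setdefault(fqdn(fields[0]), set()).add(fqdn(fields[4]))
    return owners


def classify_delegation(zone_text, apex, child):
    """Return 'none', 'self', 'mixed' or 'external' for child under apex.

    none     - no NS records: names under child are plain records in the apex zone
    self     - every NS target also serves the apex (same-server delegation)
    mixed    - some targets serve the apex, some do not
    external - no overlap: the parent NS records are what make the child findable
    """
    apex, child = fqdn(apex), fqdn(child)
    if not child.endswith("." + apex):
        raise ValueError(f"{child} is not below {apex}")
    owners = ns_sets(zone_text)
    child_ns, apex_ns = owners.get(child, set()), owners.get(apex, set())
    if not child_ns:
        return "none"
    if child_ns <= apex_ns:
        return "self"
    return "mixed" if child_ns & apex_ns else "external"


if __name__ == "__main__":
    for sub in ("foo.example.com", "bar.example.com", "www.example.com"):
        print(sub, classify_delegation(PARENT_ZONE, "example.com", sub))
```

A "self" result is the same-server delegation that support described as giving undefined behavior and that the last post reports as working; "external" is the case where the parent's NS records are required.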