DNS Subdomain delegation issue

Question

(Updated the post with more detailed example)

---

I have my domain: example.com setup at DNS provider 1. Provider 1 has nameservers:

1. ns1.dns1.com
2. ns2.dns1.com

I want to delegate authority for subdomain.example.com to another DNS provider, provider 2, which has nameservers:

1. ns1.dns2.com
2. ns2.dns2.com

For this my zone at provider 1 looks like this:

example.com IN NS ns1.dns1.com
example.com IN NS ns2.dns1.com
example.com IN A 127.0.0.1
subdomain.example.com IN NS ns1.dns2.com
subdomain.example.com IN NS ns2.dns2.com

At provider 2 i setup the zone: subdomain.example.com as follows:

subdomain.example.com IN NS ns1.dns2.com
subdomain.example.com IN NS ns2.dns2.com
subdomain.example.com IN A 1.1.1.1
test.subdomain.example.com IN A 1.1.1.2

The test:

# i get a reply (OK here)
dig a subdomain.example.com     

# i don't get a reply for this (error)
dig a test.subdomain.example.com 

Is this normal ?

Update 2: For command dig a test.subdomain.example.com i get in the result the SOA record of domain example.com.

;; QUESTION SECTION:
;test.subdomain.example.com.            IN      A

;; AUTHORITY SECTION:
example.com.              86400   IN      SOA     ns1.dns1.com. hostmaster.example.com. 2011032805 28800 7200 604800 86400

Answer 1

I'd first make sure you're getting ns1/2.provider-dns.com back as an answer to this query:

dig subdomain.example.com ns

You might also want to check that the zone is loaded on the nameservers to which you've delegated. Check that you get a correct serial number back:

dig @ns1.provider-dns.com subdomain.example.com soa

If that isn't working, check with whomever is running ns1/2.provider-dns.com to make sure your zone is being loaded.

Answer 2

In case anyone ever actually reads this article again, and is wondering what the resolution was, I second Jonathan Ross' comment.

On provider one, you added 2 NS records. But you didn't add 2 A records for those 2 NS records.

Without the A records on provider one, the 2 NS records are just names, that have no associated IP. So DNS requests for the subdomain can't make it to the NS for the subdomain. Because there is no IP associated with subdomain's NS record.

It may seem logical (until you understand these record differences, many "stories" you tell yourself make sense) to think "oh the IP will get resolved over at provider 2". The request doesn't make it to provider 2 (unless you of course open up dig or nslookup and connect directly to it).

Hope this helps...

Answer 3

Are you trying to Delegate the zone "test.subdomain.example.com to another NS? You only speak of NS1 and NS2 and from what you have specified you have Primary Forward Lookup Zones created for "subdomain.example.com" on each of those. If you want to delegate authority for "test.subdomain.example.com" to another name server:

• Right click the "subdomain.example.com" zone on both NS1 and NS2 and setup a new delegation.
• Use the zone name "test" and point to another name server you want to be authoritative for the "test.subdomain.example.com".
• Setup a new Primary Forward Lookup zone on the new name server (NS3) for "test.subdomain.example.com"

If you are trying to delegate "subdomain.example.com" follow the same process but one domain level higher.

Answer 4

Have you tried another tool like host -t a test.subdomain.example.com instead ?

dig is pretty tricky to use.