> Hello all,
>
> I am new to DNS. My goal is to create a sub domain DNS for our lab.
> Currently our corporate DNS is served by Windows AD - it is in
> 10.100.x.x/24. Our lab we have a 192.168.16.0/20 network that is
> routed to the corporate network, I have setup a DNS Bind on a CentOS
> machine inside the QA lab.


*DELEGATE* the sub zone like the designers of the DNS
intended.

To the company.com zone add:

lab.company.com. NS myhost.lab.company.com.
myhost.lab.company.com. A 192.168.17.2

Mark

> corporate DNS is: host.company.com - 10.100.1.5 - DNS domain name is:
> company.com
> lab DNS is: myhost.lab.company.com - 192.168.17.2 - DNS sub domain
> name is: lab.company.com
>
> 1. I configured my Bind so that it is an authoritative server and
> simply set up a forwarder to point to my corporate DNS; my
> /etc/named.conf file is as follows:
>
> // named.conf file for: lab.company.com
> //
>
> options {
> listen-on port 53 { 127.0.0.1; 10.100.1.5; };
> forwarders { 10.100.1.5 port 53;
> };
> directory "/var/named";
> dump-file "/var/named/data/cache_dump.db";
> statistics-file "/var/named/data/named_stats.txt";
> };
> zone "17.168.192.IN-ADDR.ARPA." IN {
> type master;
> file "192.168.17.db";
> };
> zone "lab.company.com." IN {
> type master;
> file "lab.company.com.db";
> allow-transfer {10.100.1.5;};
> };
> zone "company.com." IN {
> type forward;
> forwarders { 10.100.1.5; };
> };
> zone "." IN {
> type hint;
> file "named.root";
> };
>
> zone "localdomain." IN {
> type master;
> file "localdomain.zone";
> allow-update { none; };
> };
> zone "localhost." IN {
> type master;
> file "localhost.zone";
> allow-update { none; };
> };
> zone "0.0.127.in-addr.arpa." IN {
> type master;
> file "named.local";
> allow-update { none; };
> };
> zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa." IN {
> type master;
> file "named.ip6.local";
> allow-update { none; };
> };
> zone "255.in-addr.arpa." IN {
> type master;
> file "named.broadcast";
> allow-update { none; };
> };
> zone "0.in-addr.arpa." IN {
> type master;
> file "named.zero";
> allow-update { none; };
> };
> include "/etc/rndc.key";
>
> ================
>
> Problem: It seems like the setup does not work.
> a. I can forward and reverse lookup with hosts within the lab (OK to
> forward and reverse lookup among hosts within the 192.168.16.0/20
> network).
> b. From a host within the 192.168.16.0/20 network, I cannot ping by
> hostname to any host within the 10.100.x.x network; BUT I can ping by
> FQDN and IP address. Same with nslookup.
> c. From a host within the 10.100.x.x network, I cannot ping by hostname to
> any host within the 192.168.16.0/20 network; BUT I can ping by FQDN and
> IP address; same with nslookup.
>
> The /var/log/messages on my DNS Bind subdomain server shows the following error:
>
> Apr 1 09:28:18 myhost NetworkManager:
> add_ip4_config_to_named (): Could not set forwarders for zone '.'.
> Error: 'Did not receive a reply. Possible causes include: the remote
> application did not send a reply, the message bus security policy
> blocked the reply, the reply timeout expired, or the network
> connection was broken.'.
> Apr 1 09:32:30 myhost NetworkManager:
> add_ip4_config_to_named (): Could not set forwarders for zone '.'.
> Error: 'Message did not receive a reply (timeout by message bus)'.
>
> .... I have attempted to google and review various reference
> materials, but I am unable to figure out the issue. Any pointers, advice or
> recommendations would be greatly appreciated.
>
> --
> best,
>
> Vince
>

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org
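The delegation Mark describes above (an NS record at the zone cut plus a glue A record, which is mandatory here because myhost.lab.company.com sits inside the zone it serves) can be sanity-checked before the records go into company.com. This is an added example, not code from the thread or from ISC; it assumes a simplified "owner TYPE rdata" zone layout with no TTL or class columns, and the parent zone contents below are constructed from the names in the thread.

```python
import re
from typing import List, Tuple

# Constructed sample of what the parent (company.com) zone would hold after the
# two delegation lines from the reply are added. Names and addresses are the
# ones from the thread; the SOA/NS for company.com itself are assumed filler.
PARENT_ZONE = """\
company.com.            SOA  host.company.com. hostmaster.company.com. 1 3600 900 604800 86400
company.com.            NS   host.company.com.
host.company.com.       A    10.100.1.5
lab.company.com.        NS   myhost.lab.company.com.
myhost.lab.company.com. A    192.168.17.2
"""


def parse_zone(text: str) -> List[Tuple[str, str, str]]:
    """Parse 'owner TYPE rdata' lines; comments after ';' are dropped.
    Assumption: no $ORIGIN/$TTL directives, TTL or class columns."""
    records = []
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()
        if not line:
            continue
        owner, rtype, rdata = re.split(r"\s+", line, maxsplit=2)
        records.append((owner.lower(), rtype.upper(), rdata))
    return records


def check_delegation(zone_text: str, subzone: str) -> List[str]:
    """Return the problems found with the delegation of `subzone` in the parent.
    A working delegation needs at least one NS at the cut, and every NS target
    that lies inside the delegated zone (in-bailiwick) needs a glue A/AAAA in the
    parent, otherwise resolvers have no way to learn the child server's address."""
    subzone = subzone.lower().rstrip(".") + "."
    records = parse_zone(zone_text)
    problems = []
    ns_targets = [rdata.lower().rstrip(".") + "."
                  for owner, rtype, rdata in records
                  if owner == subzone and rtype == "NS"]
    if not ns_targets:
        problems.append(f"no NS records for {subzone} in parent zone")
    glue = {owner for owner, rtype, _ in records if rtype in ("A", "AAAA")}
    for target in ns_targets:
        in_bailiwick = target.endswith("." + subzone)
        if in_bailiwick and target not in glue:
            problems.append(f"NS {target} is inside {subzone} "
                            f"but has no glue A/AAAA record")
    return problems
```

An NS target outside the child zone (say a server under a different domain) needs no glue, so the check only flags in-bailiwick names.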