On 09/12/11 16:55, Lightner, Jeff wrote:
I don't know what you mean by that.  Apex of what exactly - my zone file?

The zone is a tree. The records at the apex of the zone are those with the same name as the zone - normally the SOA, NS, MX, and other records.

Since all zones must have a SOA and NS at the apex, and CNAME is incompatible with any other record at the same name (except RRSIG/NSEC), you cannot have a CNAME at the apex.


I can make a zone file that simply has a CNAME in it with no SOA, serial number 
etc...?

No. You can't. Such zone files are syntactically invalid, and will not be loaded by bind. This is easy to try e.g.

test.zone. 300 SOA ns.test.zone. hostmaster.test.zone. 100 2700 1800 3600 3600
test.zone.      300     NS      ns.test.zone.
test.zone.      300     CNAME   www.other.zone.
ns.test.zone.   300     A       192.0.2.1


# named-checkzone test.zone $FILE
dns_master_load: z:3: test.zone: CNAME and other data
dns_master_load: z:3: test.zone: CNAME and other data
zone test.zone/IN: loading from master file z failed: CNAME and other data
zone test.zone/IN: not loaded due to errors.


As noted I do not own the target zone so I can't update any records there.

Can you tell me exactly what the zone file should look like with the CNAME record at the 
"apex"?

As noted above, such a zone is invalid.

You *can* do this:

test.zone. 300 SOA ns.test.zone. hostmaster.test.zone. 100 2700 1800 3600 3600
test.zone.      300     NS      ns.test.zone.
test.zone.      300     A       192.0.2.2 ; the IP of www.other.zone
ns.test.zone.   300     A       192.0.2.1

i.e. put an "A" record at the zone apex, with the IP of the "other" server. It does mean you need a script / process in place to update the A record if the name
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to