NXDOMAIN - How to properly set up subdomain on samba4 DNS backend?

stev-e · May 27, 2022, 6:45am

Hi there,

what I want to achieve is the following. I have DC host called ucs in my domain (ucs.####nd.de). Now I want to add a subdomain (forward lookup zone) called intern.#####nd.de for which the same ucs host is the primary DNS server. Here is what I have got:
000044_2022-05-27 08_34_27-Univention Portal — Mozilla Firefox
000045_2022-05-27 08_39_04-Univention Portal — Mozilla Firefox

Now my expectation was that I can now lookup host entries in the subdomain. But the whole subdomain cannot be resolved (NXDOMAIN).

I used dig (intern.#####nd.de) and nslookup (host.intern.#####nd.de) on the ucs host both replying that the domain is not resolvable. Is there something I misunderstand about how a subdomain can be build?

Thanks!

knebb · May 31, 2022, 11:48am

Hi,

this will not work as the bind DNS server can not differentiate. For bind “sub.example.com” is a hostname, not a (sub-)domain. For this you get “NXDOMAIN”.
You will have to tell bind about the fact this is a subdomain. Some further details can be found here.
I haven’t tested it right now, but it appears you need to add the subdomain entry like this:

sub       IN  NS   ns.example.com

The entry should point to the nameserver of the domain, not of the dubdomain!

Give it a try!

/KNEBB

stev-e · May 31, 2022, 2:38pm

Hi Knebb, thanks for answering. Reading your answer I parallelly stumbled upon this article: https://wiki.univention.de/index.php/Cool_Solution_-_DNS-Forwarding_and_subdomains#Subdomains
So it is explicitly not possible as you said. but the solution is slightly a different one. But ulimately this means that I cannot manage the subdomain from the root domain DC (ucs.####nd.de). I need another DNS server to manage that zone