NSD, subdomains, and DS records

Ascendant_Technologi · January 16, 2017, 2:48pm

Hello!

Possibly a newbie error, but one I’ve been fighting with long enough to reach out.

Start with blank 4.1.10 installation, create a zone “zone.com”, populate with a DS
record (created with ldns-key2ds) for “sub.zone.com”.

Running “host -t ds zone.com localhost” returns correct record.

Now add a zone record for “sub.zone.com” in “nsd.conf” and while the subdomain
records are properly returned, the DS record no longer is. Remove the zone entry
alone, and the DS record returns (no change to parent zone).

My instinct says as soon as NSD finds zone entry for “sub.zone.com” it obviates
parsing by the parent, thus hiding the DS record.

I’ll try any suggestions, so fire away.

Thanks bunches

pg

Wouter · January 16, 2017, 2:56pm

Hi PG,

NSD parses the zone to find zonecuts with the NS records. This is what
triggers DS record special processing later on. The NS records from
sub.zone.com are missing from the zone.com zonefile, i.e.
sub.zone.com. IN NS localhost.

Yes your instinct is correct, but it has special processing for the DS
record for sub.zone.com; which has to be in the 'zone.com' zonefile, by
the way.

Best regards, Wouter