In article <[EMAIL PROTECTED]>, "aklist" <[EMAIL PROTECTED]> wrote:
> >> > >> do I need to just make the MX record (right before the domain keys > >> record): > >> > >> domain.com. MX 10 mail > >> > >> or do I also have to prepend "domain.com" to the A record that follows > >> the domain keys record? > >> > > > > You need to move the domainkey record to after the A record. That's > > supposed to be a continuation of all the records for the zone name. Do > > you understand that indenting a line means it inherits the name from the > > previous line? > > > I do now <g>...I always did it without thinking about why it worked, because > it worked! Maybe it's time for you to read the "DNS & BIND" book and learn how all this stuff works. > > The question for me now, how do I delegate a subzone in this domain without > named-checkzone grumbling that it's "ignoring out-of-zone data"? I have: > > [last A record in zone] > www A aaa.bbb.ccc.41 > ; > server._domainkey.domain.com. IN TXT "k=rsa; p=[long string]" > ; > $ORIGIN sub.domain.com. > server A aaa.bbb.ccc.42 > server A aaa.bbb.ddd.12 > server A aaa.bbb.ddd.13 > server A aaa.bbb.ddd.14 > server A aaa.bbb.ddd.15 > MX 10 server Is that supposed to be an MX record for sub.domain.com? The way you have it written, it's the MX record for server.sub.domain.com. If you want it to belong to the subdomain, it should be: @ MX 10 server Remember what you learned above about indented lines! Note also that this means you don't need to repeat "server" on each line, you can just indent all the continuations. > ; > > but I'm still getting the error above for all the subzone A records? Those records all belong in the zone file for sub.domain.com, not domain.com. That's what "delegating a subzone" means -- the subdomain data is all in its own files on the servers that you've delegated to (the ones named in the NS records). If you're using all the same servers for both domain.com and sub.domain.com, you don't need to delegate at all. Get rid of the NS records for sub.domain.com, the "zone" statement in your named.conf, and then you can put these records in the -- Barry Margolin, [EMAIL PROTECTED] Arlington, MA *** PLEASE don't copy me on replies, I'll read them in the group ***
