24

I have servers hosted at a hosting provider and they also host the DNS records for my domain names. Now I want to add subdomains that are resolved by my own DNS service. So for example:

  • the hosting provider's name server knows the IP address for econemon.com
  • one of my servers knows the IP address for ftp.econemon.com

Also,

  • unknown or undefined subdomains should be routed to the same IP as the parent domain
  • on failure of my DNS service, it would be great if the requests all go to the IP address that is associated with econemon.com, but I'm not sure how that should work.

Now, I've read through the Wikipedia articles on DNS to dust off my knowledge, but the part that leaves me confused is: how does a client know which server to ask for the IP address for ftp.econemon.com? Does it get that information from the hoster? If so, do I have to register the subdomain there (and what would I need my name server for then)?

Hanno Fietz

3 Answers

22

If you want to delegate authority for a section of your domain you are going to need to add another level to the hierarchy.

When a recursive DNS server asks for the address for ftp.econemon.com it is going to go through a number of steps. First it is going to ask one of the root servers which will reply with the name servers for the .com domain (this step will likely be cached and only done infrequently). It will then ask the .com servers and they will respond with the name servers for the econemon.com domain. Finally it will ask these servers for the address record for ftp.econemon.com.

In theory you could simply add ftp.econemon.com as an NS entry in the parent zone

e.g:

services     NS    ns1.econemon.com.
ns1          A     192.0.2.1

And then create ftp.econemon.com as a zone in your name server. But if you do it this way you will have to create a new zone per server. What you probably want to do is ask your provider to add a delegated subdomain.

e.g.:

services     NS    ns1.services.econemon.com.
services     NS    ns2.services.econemon.com.
ns1.services A     192.0.2.1
ns2.services A     192.0.2.2

You can then add services.econemon.com as a zone on your name servers and simply add new entries as you need them in this single zone.

If you really need the short names too it shouldn't be too much trouble to get CNAME records added such that ftp.econemon.com has a canonical name of ftp.services.econemon.com which leaves you able to change the IP address whenever you want to and allows users to use a short name.

ftp.econemon.com.    CNAME    ftp.services.econemon.com.
Russell Heilling
  • So, is it correct then that an entry of "econemon.com. IN NS ns.provider-domain.com." actually means "for the domain econemon.com and all subdomains, go ask ns.provider-domain.com"? I think this is what I may have misunderstood in the first place. – Hanno Fietz Jun 17 '09 at 11:56
  • That is correct, although for real world lookups the vast majority of lookup decisions are going to be made based on records in the parent zone (i.e. the .com zone in this case). The NS records at the top level of the domain are actually largely cosmetic and there to maintain consistency (i.e. to make sure that when ns.provider-domain.com and a.gtld-servers.net are asked for the NS records for econemon.com they both give the same answer) – Russell Heilling Jun 17 '09 at 12:33
  • 1
    I'm a little confused here. Shouldn't it be `ftp NS ns1.econemon.com.` in the first example? – Holger Böhnke Jan 04 '20 at 12:51
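The delegation, glue, CNAME and wildcard records discussed on this page, run through a toy iterative lookup to show which server ends up answering; this is an added example, not code from any of the posters. The addresses 198.51.100.10 and 203.0.113.21, the catch-all wildcard line and the function names `ask` and `resolve` are assumptions made for illustration.

```python
PARENT = "ns.provider-domain.com."  # provider's server, as named in the comments
ZONES = {
    PARENT: {  # parent zone, hosted by the provider
        "apex": "econemon.com.",
        "rr": {
            ("econemon.com.", "A"): ["198.51.100.10"],    # constructed address
            ("*.econemon.com.", "A"): ["198.51.100.10"],  # assumed catch-all
            ("ftp.econemon.com.", "CNAME"): ["ftp.services.econemon.com."],
            ("services.econemon.com.", "NS"): ["ns1.services.econemon.com."],
            ("ns1.services.econemon.com.", "A"): ["192.0.2.1"],  # glue
        },
    },
    "ns1.services.econemon.com.": {  # delegated child zone on your own server
        "apex": "services.econemon.com.",
        "rr": {("ftp.services.econemon.com.", "A"): ["203.0.113.21"]},  # constructed
    },
}

def ask(server, qname):
    """One authoritative reply (kind, values); kind is REFERRAL, A, CNAME or NXDOMAIN."""
    apex, rr = ZONES[server]["apex"], ZONES[server]["rr"]
    # A zone cut at or above qname wins over everything else, wildcards included.
    for i in range(qname.count(".")):
        name = qname.split(".", i)[-1]  # qname, then each parent name in turn
        if name.endswith("." + apex) and (name, "NS") in rr:
            return "REFERRAL", rr[(name, "NS")]
    for rtype in ("A", "CNAME"):
        if (qname, rtype) in rr:
            return rtype, rr[(qname, rtype)]
    # Simplified wildcard: only a "*" directly under the apex is modelled.
    if qname.endswith("." + apex) and ("*." + apex, "A") in rr:
        return "A", rr[("*." + apex, "A")]
    return "NXDOMAIN", None

def resolve(qname, down=()):
    """Follow CNAMEs and referrals from the parent zone; return (rcode, ips, path)."""
    server, path = PARENT, []
    for _ in range(8):  # guard against referral or CNAME loops
        path.append(server)
        if server in down:  # unreachable server: no answer and no fallback
            return "SERVFAIL", None, path
        kind, values = ask(server, qname)
        if kind == "REFERRAL":
            server = values[0]
        elif kind == "CNAME":
            qname, server = values[0], PARENT  # chase the target from the parent
        else:
            return ("NOERROR" if kind == "A" else kind), values, path
    return "SERVFAIL", None, path
```

`resolve("ftp.econemon.com.", down={"ns1.services.econemon.com."})` returns SERVFAIL and `resolve("nosuch.services.econemon.com.")` returns NXDOMAIN: below the delegation point the parent's wildcard and A record are never consulted, so there is no automatic fallback to the parent's address.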
4

You need to add an NS entry for ftp.econemon.com pointing to your own DNS server. When a client wants to resolve something.ftp.econemon.com it will ask your provider's DNS, which will answer that it can be resolved on your own server. An example:

ftp.econemon.com. IN NS myownns.econemon.com.
myownns.econemon.com. IN A YOUR_DNS_SERVER_IP

To have anything before .econemon.com. work, you can use a wildcard record (*).

Braiam
radius
1

But for something like ftp.econemon.com you may not need to delegate anything. Something like ftp.econemon.com is usually a hostname not a subdomain. If that's the case just add an A record for it.

ftp.econemon.com. IN A 192.168.1.1

You can also add A records with dots in them e.g.:

ftp.something.econemon.com. IN A 192.168.1.3

If the DNS is BIND you can use wildcards too, e.g.:

*.something.econemon.com. IN A 192.168.1.3

I'm not sure that delegation is really useful unless you actually want to allow some other person or organisation to manage the sub domain.

Jason Tan