I'm spinning off a subdomain from my company's domain. Now, it has been some time since I did DNS/BIND configuration, so I need your help to ensure that my configuration is sane/correct:

So, for the parent domain (let's say example.com), I should add the following:

mysub    IN NS  ; This is fictitious public IP

And then I set up my own BIND server on with the following contents:

$TTL 600
$ORIGIN mysub.example.com.

@  IN  SOA  ns1 hostmaster (
    2016051201 ; serial
    1h         ; slave refresh
    5m         ; slave retry
    24h        ; slave expiry
    30m        ; nxdomain ttl
)

@    IN  NS  ns1
@    IN  TXT "v=spf1 ...spf statements follow..."
@    IN  A

ns1  IN  A

; definition of various hosts in this subdomain follows

So, did I forget/overlook something? Or maybe I have made any mistakes?


1 Answer


The basic structure looks fine, but the NS records are bogus. The target must always point at a name, not an IP address. Assuming that you want the name of the target to exist in the newly created zone (based on your example), you will also need glue records.

First zone:

$ORIGIN example.com.
; apex records omitted

mysub     IN NS  ns1.mysub
mysub     IN NS  ns2.mysub
ns1.mysub IN A
ns2.mysub IN A

Second zone:

$ORIGIN mysub.example.com.
; apex SOA omitted

@    IN  NS  ns1
@    IN  NS  ns2
ns1  IN  A
ns2  IN  A

(Yes, I'm pedantic and put a second nameserver on a different network in there.)

Andrew B
  • Thanks! I knew I had forgotten something... because my configuration looks "too easy" :-P ... yeah, NS to FQDN and glue records, that's what I've forgotten. Marking your answer as 'the' :-) – pepoluan May 12 '16 at 08:57
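
The two points from the answer above (an NS target must be a name, and a name server inside the delegated zone needs glue in the parent), written as a small checker. This is an added example, not part of the original thread. It assumes plain `owner IN TYPE rdata` lines; the function names and the 192.0.2.x / 198.51.100.x addresses are constructed for illustration.

```python
import ipaddress

def is_ip(text):
    """True if text parses as an IPv4 or IPv6 address."""
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False

def fqdn(name, origin):
    """Expand a zone-file name: '@' is the origin, names without a trailing dot are relative."""
    if name == "@":
        return origin.lower()
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def check_delegation(parent_zone, origin, child):
    """Return a list of problems with the delegation of `child` in the parent zone text."""
    ns_targets, has_address, problems = [], set(), []
    for line in parent_zone.splitlines():
        fields = line.split(";", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 4 or fields[1].upper() != "IN":
            continue                             # assumption: "owner IN TYPE rdata" only
        owner, rtype, rdata = fqdn(fields[0], origin), fields[2].upper(), fields[3]
        if rtype == "NS" and owner == child:
            if is_ip(rdata):
                problems.append(f"NS target {rdata} is an IP address, not a name")
            else:
                ns_targets.append(fqdn(rdata, origin))
        elif rtype in ("A", "AAAA") and is_ip(rdata):
            has_address.add(owner)
    for target in ns_targets:
        # A name server at or below the delegated name needs glue in the parent.
        if (target == child or target.endswith("." + child)) and target not in has_address:
            problems.append(f"{target} is inside {child} but has no glue A/AAAA record")
    return problems

# Constructed samples; addresses are from the documentation ranges.
NS_TO_IP = "mysub IN NS 192.0.2.53 ; NS pointing at an address\n"
NO_GLUE = "mysub IN NS ns1.mysub\nmysub IN NS ns2.mysub\nns1.mysub IN A 192.0.2.53\n"
GOOD = NO_GLUE + "ns2.mysub IN A 198.51.100.53\n"

if __name__ == "__main__":
    for label, zone in (("NS to IP", NS_TO_IP), ("missing glue", NO_GLUE), ("fixed", GOOD)):
        print(label, "->", check_delegation(zone, "example.com.", "mysub.example.com.") or "OK")
```
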