I have both AWS Route53 and a dedicated server DNS conf.

I tried setting NS records

 - ns111.awsdns-xz.co.
 - ns112.awsdns-xz.co.
 - ns113.awsdns-xz.co.

Basically what I want to achieve is to have multiple unrelated DNS records on both servers as managed by 2 different persons.

NS record domain registrar

ns1.xxx.ovh.com

dns records

dedicatedServer.ovh.com
  a  : example.com    
       sub.example.com 
  mx : mx.example.com 
  ns : ns111.awsdns-xz.co.
     : ns112.awsdns-xz.co.
     : ns113.awsdns-xz.co.
             on AWS router 
                  site2.example.com  -> loadbalancer 
                  site3.example.com  -> elasticbeanstalk 

Well is this configuration ok and is it going to work?

2 hours and still not working, should I wait for propagation period?

Patrick Mevzek
Pascal
  • "How to split dns configuration within 2 servers" DNS does not work like this. There is only one given set of nameservers authoritative on your name at some given point in time, and they should all be configured in the same way for your name, and have the same zone content. Any other setup is bound to create problems as it is using the DNS not as designed. For a query, another nameserver is checked only in case of timeouts, not in case of a negative reply, which is still a successful query. – Patrick Mevzek Jan 17 '20 at 16:33
  • PS: there is no "propagation period". This is a myth or at least a severe simplification. Only TTLs count, and things are coming from the bottom (nameservers) asking top ones, not flowing down from the top. – Patrick Mevzek Jan 17 '20 at 16:34

1 Answer

I think this will not work, as the public will not reach it (not even search it).

OK, let's assume you have the domain example.com, which is registered, and at the registrar level it has NS records pointing to ns1.xxx.ovh.com - this information is propagated to the DNS zone for the .com domain to establish the delegation for the domain site.com.

There would be a working DNS server with the zone example.com configured on the server ns1.xxx.ovh.com. Once anybody queries some record, the query iterates from the "root" to ns1.xxx.ovh.com, which is the authoritative server for this domain, and this server knows or doesn't know...

The NS record for the zone itself is more important at the upper level than at the level of the domain itself, and it doesn't cause the "next server" to be queried...

If you want the records for the site2 and site3 subdomains to be managed in AWS, you need to delegate the subdomains directly on ns1.xxx.ovh.com.

site2.example.com. 3600 IN NS ns111.awsdns-xz.co.
site2.example.com. 3600 IN NS ns112.awsdns-xz.co.
site2.example.com. 3600 IN NS ns113.awsdns-xz.co.
site3.example.com. 3600 IN NS ns111.awsdns-xz.co.
site3.example.com. 3600 IN NS ns112.awsdns-xz.co.
site3.example.com. 3600 IN NS ns113.awsdns-xz.co.

Then, once the query comes to ns1.xxx.ovh.com, it will delegate the query to the AWS DNS system, so these records will be handled outside of ns1.xxx.ovh.com. This delegation covers the mentioned domain and its subdomains, so the site2.example.com NS will cover site2.site.com and also www.site2.example.com for the delegation.

The result would look like this (in case of TTL 3600):

@ 3600 IN A <IP>
@ 3600 IN MX 10 mx.example.com.
@ 3600 IN NS ns1.xxx.ovh.com.
sub 3600 IN A <IP>
mx 3600 IN A <IP>
site2.example.com. 3600 IN NS ns111.awsdns-xz.co.
site2.example.com. 3600 IN NS ns112.awsdns-xz.co.
site2.example.com. 3600 IN NS ns113.awsdns-xz.co.
site3.example.com. 3600 IN NS ns111.awsdns-xz.co.
site3.example.com. 3600 IN NS ns112.awsdns-xz.co.
site3.example.com. 3600 IN NS ns113.awsdns-xz.co.

-- edit --

Added NS record for @ and also priority for MX records to have it in valid form and consistent.

Patrick Mevzek
Kamil J
  • "I think, this will not work" This is GUARANTEED not to work, as any setup for a zone where each nameserver gives different replies, in the sense that it won't achieve the "try next server in case of errors" that the OP seems to be after, because the DNS was not designed in this way. See my comments on the question. – Patrick Mevzek Jan 17 '20 at 16:37
  • Yes, the situation in question will not work... The delegation as I have "offered" in the answer will work as it follows the "design" of DNS - delegation of a subzone to another nameserver... With this approach you can in the end reach the situation that a specific FQDN will be handled by different servers. It is not "in case of" but "static delegation", so every query for the specific FQDN will reach the same DNS server all the time... --- @PatrickMevzek: I have used **site.com** domain as it was part of the question. Thanks for typo correction :-). – Kamil J Jan 17 '20 at 17:32
  • Yes, of course, delegations work as it is the core concept in the DNS, but this may not fit the "Basically what I want to achieve is to have multiple unrelated DNS records on both servers as managed by 2 different persons." request of the OP. It depends on how the zone is structured, and obviously the question lacks concrete details and provides just bad obfuscation, which I fixed to be obfuscation that is still bad for being able to give specific answers. – Patrick Mevzek Jan 17 '20 at 17:40
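
The following Python check is added here and is not part of the original answer or its author's code. It walks the answer's result zone to show which nameserver set a query for a given name is referred to (the deepest zone cut wins), and compares the registrar's NS set with the apex NS set, which is the mismatch in the question's setup. The function names and the 192.0.2.x addresses standing in for `<IP>` are assumptions.

```python
# Added example. ZONE is a constructed copy of the answer's result zone,
# with <IP> replaced by documentation addresses (192.0.2.0/24).
ORIGIN = "example.com."
AWS_NS = ["ns111.awsdns-xz.co.", "ns112.awsdns-xz.co.", "ns113.awsdns-xz.co."]
ZONE = """\
@ 3600 IN A 192.0.2.10
@ 3600 IN MX 10 mx.example.com.
@ 3600 IN NS ns1.xxx.ovh.com.
sub 3600 IN A 192.0.2.11
mx 3600 IN A 192.0.2.12
""" + "".join(f"{sub}.example.com. 3600 IN NS {ns}\n"
              for sub in ("site2", "site3") for ns in AWS_NS)

def absolute(name, origin=ORIGIN):
    """Expand '@' and relative owner names the way a zone file loader does."""
    name = name.lower()
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def ns_sets(zone_text, origin=ORIGIN):
    """Map every owner name that carries NS records to its nameserver set."""
    cuts = {}
    for line in zone_text.splitlines():
        f = line.split()
        if len(f) >= 5 and f[2].upper() == "IN" and f[3].upper() == "NS":
            cuts.setdefault(absolute(f[0], origin), set()).add(f[4].lower())
    return cuts

def authoritative_for(qname, zone_text, origin=ORIGIN):
    """Return (zone cut, nameservers) for qname: the deepest NS owner that is
    qname itself or one of its ancestors. None if qname is outside the zone."""
    qname = absolute(qname, origin)
    if qname != origin and not qname.endswith("." + origin):
        return None
    cuts = ns_sets(zone_text, origin)
    labels = qname.split(".")          # trailing '' comes from the root dot
    for i in range(len(labels) - 1):   # walk from qname up towards the apex
        candidate = ".".join(labels[i:])
        if candidate in cuts:
            return candidate, sorted(cuts[candidate])
    return None

def apex_ns_mismatch(registrar_ns, zone_text, origin=ORIGIN):
    """Nameservers present in only one of: registrar delegation, apex NS set."""
    apex = ns_sets(zone_text, origin).get(origin, set())
    return sorted(apex ^ {n.lower() for n in registrar_ns})
```

Names passed without a trailing dot are treated as relative to the origin, as in a zone file, so pass `sub` or `sub.example.com.` rather than `sub.example.com`.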