Cool Solution - DNS-Forwarding and subdomains

From Univention Wiki

Product logo: UCS Version 4.0

Note: Cool Solutions are articles documenting additional functionality based on Univention products. Not all of the steps shown in this article are covered by Univention Support. If you have questions about your support coverage, contact your contact person at Univention before implementing any of the steps shown.

See also the legal notes in the Terms of Service.

This article describes briefly how you can set up Forward Zones and subdomains on the Univention Corporate Server (UCS) with Samba 4.

Prerequisites

  • UCS DC Master
  • Samba 4 as DNS-Backend

To determine whether Samba 4 is the DNS backend, run:

ucr get dns/backend

The output should be "samba4".

Forward Zones

This is useful when only a specific domain name (e.g. domain.tld) needs to be forwarded to another DNS server (e.g. 172.16.100.1). To set up a Forward Zone, add it to the configuration in /etc/bind/local.conf.samba4:

zone "domain.tld" {
  type forward;
  forwarders { 172.16.100.1; };
};

After setting the new configuration, univention-bind and univention-bind-proxy must be restarted:

invoke-rc.d univention-bind restart
invoke-rc.d univention-bind-proxy restart

Subdomains

Another case is when a subdomain (e.g. sub.domain.tld) is managed by another server (e.g. 10.0.100.1). For "forwarding" to subdomains, a normal zone statement can be used:

zone "sub.domain.tld" {
      type slave;
      masters { 10.0.100.1; };
      forwarders {};
};

The empty list forwarders {} means that (global) forwarders are disabled for the slave subdomain.

After setting the new configuration, univention-bind and univention-bind-proxy must be restarted:

invoke-rc.d univention-bind restart
invoke-rc.d univention-bind-proxy restart
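
Each forwarder or master added this way is an upstream server whose answers the UCS resolver will trust, so it is worth reviewing the zone stanzas before restarting. The following is an added example, not part of the original article or of UCS: a small audit of the Forward Zone and Subdomain stanzas described above. The approved-upstream set, the address 192.0.2.53 and the function names are assumptions made for illustration.

```python
import re

# Constructed sample: the article's stanzas, minus "forwarders {};" on the slave.
SAMPLE = '''
zone "domain.tld" {
  type forward;
  forwarders { 172.16.100.1; 192.0.2.53; };  // second address is constructed
};
zone "sub.domain.tld" {
  type slave;
  masters { 10.0.100.1; };
};
'''

def addr_list(body, key):
    """Addresses inside 'key { ...; };', or None if the statement is absent."""
    m = re.search(r'\b%s\s*\{([^}]*)\}' % key, body)
    return None if m is None else [a.strip() for a in m.group(1).split(';') if a.strip()]

def parse_zones(text):
    """Map zone name -> type, forwarders and masters, using brace matching."""
    text = re.sub(r'/\*.*?\*/|(//|#)[^\n]*', '', text, flags=re.S)  # drop comments
    zones = {}
    for m in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', text):
        depth, i = 1, m.end()
        while i < len(text) and depth:
            depth += {'{': 1, '}': -1}.get(text[i], 0)
            i += 1
        body = text[m.end():i - 1]
        ztype = re.search(r'\btype\s+([\w-]+)\s*;', body)
        zones[m.group(1)] = {"type": ztype.group(1) if ztype else None,
                             "forwarders": addr_list(body, "forwarders"),
                             "masters": addr_list(body, "masters")}
    return zones

def audit(zones, approved):
    """Return (zone, finding) pairs; 'approved' is the set of allowed upstream IPs."""
    findings = []
    for name, z in sorted(zones.items()):
        upstreams = (z["forwarders"] or []) + (z["masters"] or [])
        findings += [(name, "unapproved upstream " + ip) for ip in upstreams if ip not in approved]
        if z["type"] == "forward" and not z["forwarders"]:
            findings.append((name, "forward zone lists no forwarders"))
        if z["type"] == "slave" and z["forwarders"] is None:
            findings.append((name, "no empty forwarders list: global forwarders not disabled"))
    return findings

if __name__ == "__main__":
    for zone, finding in audit(parse_zones(SAMPLE), {"172.16.100.1", "10.0.100.1"}):
        print(zone + ": " + finding)
```

To check a real system, pass the contents of /etc/bind/local.conf.samba4 to parse_zones() instead of SAMPLE.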

Debugging

For debugging purposes, set a higher debug level with:

ucr set dns/debug/level=<LEVEL>

Where <LEVEL> is a value between 0 and 11. If needed, increase the debug level of the Samba 4 module as well:

ucr set dns/dlz/debug/level=<LEVEL>

Restart bind with:

service univention-bind restart

The default log is the syslog.
