Add a subdomain?

10JQKA

I'm using Windows DNS on a 2003 server.

It is currently configured to support my domain name (i.e. foo.com)
and the web server (www.foo.com).

Now I would like to add a new subdomain and have it resolve to an IP
address on another server. So I went to the forward lookup zone,
added an 'A' record with the name (subs.foo.com) and the IP address.

This works for the server itself (i.e. I can ping subs.foo.com), but it
never gets updated to the internet at large. Is there some trick to
getting updates I make on my own DNS server reflected on the internet
as a whole? What options do I need to check?

Thanks.
 
10JQKA

Ps...

I've waited several days since creating the 'A' record. So I don't
think it is a time issue.
 
Lerner

> I'm using Windows DNS on a 2003 server.
>
> It is currently configured to support my domain name (i.e. foo.com)
> and the web server (www.foo.com).
>
> Now I would like to add a new subdomain and have it resolve to an IP
> address on another server. So I went to the forward lookup zone,
> added an 'A' record with the name (subs.foo.com) and the IP address.
>
> This works for the server itself (i.e. I can ping subs.foo.com), but it
> never gets updated to the internet at large. Is there some trick to
> getting updates I make on my own DNS server reflected on the internet
> as a whole? What options do I need to check?

Is YOUR server the SOA for that domain?
 
Herb Martin

> I'm using Windows DNS on a 2003 server.
>
> It is currently configured to support my domain name (i.e. foo.com)
> and the web server (www.foo.com).
>
> Now I would like to add a new subdomain and have it resolve to an IP
> address on another server.

We may need to first straighten out the terminology.

While the term "subdomain" can technically mean a computer
name within a zone or address (in very picky traditional DNS
terminology) we would normally just refer to those as DNS
names, probably entered as an A record.

Being technical, but using the terminology common in the MS
tools, a subdomain is a "container" for other records within
the same zone, and is in many ways practically equivalent to
a subzone or child zone.

A child zone however implies (very strongly) that the zone
has been formally delegated to another server or admin context.

> So I went to the forward lookup zone,
> added an 'A' record with the name (subs.foo.com) and the IP address.

That would typically be just a machine name or DNS name for a
computer.

> This works for the server itself (i.e. I can ping subs.foo.com), but it
> never gets updated to the internet at large.

Updated where?

A DNS server is NOT supposed to update any other location except
its own secondaries (i.e., other DNS servers that hold that same
zone.)

Notice that a Primary DNS server will not update itself from any
other DNS server so two primaries will never replicate. (Ignoring
the special case of the Active Directory Integrated DNS servers
which should be thought of as a "set of Primaries").

IF you are using the SAME DNS zone name for your EXTERNAL
and your INTERNAL DNS (most likely what you may be trying to
do) then you may (properly) be using two DIFFERENT Primary
DNS servers for the same zone.

This is called a "Shadow DNS" (or split DNS) setup. In this
case the two Primaries are specifically used to BREAK replication
so that private records inside will never be exposed to the world
at large externally.

In this case, you must update all records on BOTH primaries IF
you wish the name to be publicly available.

> Is there some trick to
> getting updates I make on my own DNS server reflected on the internet
> as a whole? What options do I need to check?

Perhaps you also just mean that NONE of this zone is known on the
Internet, in that case it is likely for one (or both) of two reasons:

1) Your internal DNS server (set) is not reachable from the Internet
2) Your domain/zone name is not properly delegated from the parent zone

Usually when you purchase your domain name (zone name) you give
them the address(es) of your publicly accessible DNS server(s)
and they "delegate" from the parent zone to your actual DNS servers.

BTW, it is generally a good idea NOT to supply your own DNS servers
on the Internet, but rather to let your "registrar" do that for you.
 
Herb Martin

Lerner said:
> Is YOUR server the SOA for that domain?

Although we see that terminology used from time to time
it is pretty much meaningless (i.e., "SOA for a zone/domain").

An authoritative server is about the closest you can come to
the meaning probably intended: A server holding the zone
which includes the SOA record.

In this context it is likely even more meaningless since he
indicated that he "added an A record" to the zone on his
server -- to do that, the server would need to be both
authoritative and the Primary (or one of the AD integrated
DNS servers for the zone.)

Secondaries, while authoritative, cannot add records to the
zone even though they hold (a copy of) the SOA record.

Perhaps you were referring to the delegation from the parent
domain which is discussed in a separate answer to his question
(in this thread.)
 
10JQKA

Herb:

Thanks for your response.

The box in question here is a web server. There is no internal LAN or
users.

Right now the DNS on the server has records for:
www.foo.com
mail.foo.com

All I want to do is add:
new.foo.com

and have it point to a different server.

Under DNS, I have the server name.
Under Forward Lookup Zones I have a folder for foo.com
In the foo.com folder I have 'A' records for www and mail
This is where I added an 'A' record for new

Under foo.com I also have a folder named 'com'
with a sub-folder labeled foo.
In that I found another 'a' record for www so I added an 'a' record
for new.
 
10JQKA

<< Sorry, the above message was sent before I finished..... >>

Herb:

Thanks for your response.

The box in question here is a web server. There is no internal LAN or
users.

Right now the DNS on the server has records for:
www.foo.com
mail.foo.com

All I want to do is add:
new.foo.com

and have it point to a different server.

Under DNS, I have the windows server name.
Under Forward Lookup Zones I have a folder for foo.com
In the foo.com folder I have 'A' records for www and mail
This is where I added an 'A' record for new

Under foo.com I also have a folder named 'com'
with a sub-folder labeled foo.
In that I found another 'a' record for www so I added an 'a' record
for new.

In order for a new dns name to be seen from the Internet at large, it
has to be added to the root servers? How does this happen? This box
is the primary and listed as the "primary server" in the SOA. Dynamic
updates are set to "Nonsecure and secure"
 
10JQKA

It turns out that this was a firewall issue. Port 53 was blocked so
DNS was not able to resolve. My thanks to Kevin for helping with
this.
 
Herb Martin

> Herb:
>
> Thanks for your response.
>
> The box in question here is a web server. There is no internal LAN or
> users.
>
> Right now the DNS on the server has records for:
> www.foo.com
> mail.foo.com
>
> All I want to do is add:
> new.foo.com

Then just add the record for host New in Foo.com zone.

If it is on one the same server with same address you have
a choice:

CNAME that points New to WWW (for instance)
or
A record that just points New to the correct address

The latter will always work.

> and have it point to a different server.

Oh, well that is an A record for New within Foo.com since
it must supply the address.

> Under DNS, I have the server name.

What server name? I thought you said that New.foo.com is
a NEW and DIFFERENT machine?

If it is a new machine you are ADDING the name for it.

> Under Forward Lookup Zones I have a folder for foo.com
> In the foo.com folder I have 'A' records for www and mail
> This is where I added an 'A' record for new

Correct.

> Under foo.com I also have a folder named 'com'
> with a sub-folder labeled foo.

That seems rather silly -- what were you trying to accomplish?

foo.com.foo.com seems unlikely to be useful (unless you are
in the spam business).

> In that I found another 'a' record for www so I added an 'a' record
> for new.

Huh?

What do you REALLY want? (Not the DNS or names but what
do you really want to ACCOMPLISH?)
 
