none
Modify SOA record for delegated zone? RRS feed

  • Question

  • Houston we have a problem!

    We want to modify the SOA record for a delegated zone but we cannot find it!

    Where is the SOA record  for a delegated zone located?


    More info:

    To implement GSLB for our intranet applications, we needed a delegated zone pointing to 2 load balancers (LB) as NS.

    The DNS admins here created a delegated zone-  subdomain.domain.com. Then they pointed the NS records for that zone to subdomainNS1.domain.com and subdomainNS2.domain.com. They also created A records in the zone domain.com for subdomainNS1.domain.com and subdomainNS2.domain.com.

    At this point we have two problems:

    1. SOA records are wrong:

    When we query SOA records, they somehow point to the LB's host names instead of subdomainNS1.domain.com. Curiously, the query sometimes shows LB1's hostname and other times it shows LB2's hostname. Also, we do not have A records of the hostnames of the LBs registered in AD DNS here (not a problem, this is normal for our network)

    Query for subdomain's NS records are correctly resolved to subdomainNS1.domain.com and subdomainNS2.domain.com, so NS records are correct.


    2. DNS queries are intermittent:

    From a client workstation, if we try to nslookup test1.subdomain.domain.com the result is intermittent. Sometimes we get an answer, other times we get nothing, as if the DNS server has no record of test1.subdomain.domain.com. Note that by default, the nslookup is querying the local AD DC which is also a DNS.

    However if we query the LB directly, we always get an answer...100% reliability there.

    3. New A records created in LB take a very long time to be able to be queried

    If I create a new A record in the LB, it should work almost immediately, right? But here, it takes many hours for a client to successfully resolve it...UNLESS a nslookup is sent directly to the LB.


    The DNS admins say they cannot find any place in the Windows server DNS management console where they can modify the SOA of the subdomain. I cannot find any place in the LB where the SOA is shown and/or can be modified. I opened a tech support ticket with the LBs' vendor (Barracuda) , they looked at our setup and said that the SOA for subdomain.domain.com is in the parent domain - domain.com. I am not sure if this is really true.

    I do not control the DNS servers here, I am only the subdomain admin. So I cannot see the AD DNS management console. The subdomain.domain.com is hosted on the LBs. I control the LBs.


    Please help!


    -Rajeev rajdude.com

    Friday, June 30, 2017 2:35 PM

All replies

  • Hi,

    >>they looked at our setup and said that the SOA for subdomain.domain.com is in the parent domain - domain.com. I am not sure if this is really true.

    It is so. SOA for subdomain.domain.com is in the parent domain - domain.com

    What is your goal? Does you like to modify SOA records back to subdomainNS1.domain.com?

    Maybe you need talk to someone of domain.com admins.

    Best Regards,

    Frank


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, July 3, 2017 7:56 AM
  • Hi,
    Just checking in to see if the information provided was helpful. Please let us know if you would like further assistance.

    Best Regards,

    Frank

    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, July 6, 2017 9:55 AM
  • Hi Frank,

    Sorry for the delay in replying, I must have missed the notification from the forum when you replied first.

    So the SOA record location....I really cannot find it. I even setup a test DNS server for it and no matter how hard I look, the delegated subdomain's SOA record is nowhere to be found (on the parent DNS server). Check out the screenshots below:

    See I have no options on the delegated subdomain to create anything (which is normal, IMHO). All records will be created in those NS servers instead of this server.

    Now check out the parent domain's options (plenty of them there):

    So I do not know :-(

    Let me know if someone finds something else please.


    -Rajeev rajdude.com

    Thursday, July 6, 2017 1:34 PM
  • Anyone? Bueller ;-) ??

    -Rajeev rajdude.com

    Friday, July 7, 2017 6:25 PM
  • Hi,

    It is a same result in my lab

    Could you modify your NS record to LB1?

    Best Regards,

    Frank


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, July 10, 2017 8:41 AM