Point ZoneEdit to Private DNS

[gfcpetest]

Hello,

I purchased a google domain, and set the nameservers to be:
dns1.zoneedit.com
dns2.zoneedit.com

On ZoneEdit, I changed tho root nameserver (@) from LOCAL to my private DNS server. I can't do this directly from google domains because it complains about using a private server.

The idea is that all queries *.example.com end up at my private authoritative DNS server. Problem is, queries are not arriving. Here are some example dig queries trying to figure out whats wrong (100.108.108.176 is ip of ns.corporate.com which is my private dns server mentioned above).

dig @100.108.108.176 NS example.com. returns a NS to ns.corporate.com.
dig @100.108.108.176 A test.example.com. returns an A record with test ip
dig @127.0.1.1 A ns.corporate.com. returns an A record with 100.108.108.176


dig @dns0.zoneedit.com NS example.com. returns a NS pointing to my server

So as far as I can tell, everything seems setup. But when I try a normal query

dig A test.example.com. returns a SOA for dns0.zoneedit.com. rather than IP
dig A test.example.com. +trace returns same as above

I'm not sure what's happening but I assume I have zoneedit incorrectly configured. ZoneEdit seems to be responding saying it is the SOA for that domain rather than forwarding it to my DNS server.

Let me know if you need any more information and I'll be happy to oblige.

 

[gfcpetest]

Hey guys,

Looking closer at

dig @dns0.zoneedit.com. example.com. NS

I receive:

;; ANSWER SECTION:
example.com. 3600 IN NS ns.corporate.com.

;; ADDITIONAL SECTION:
ns.corporate.com. 3600 IN A 192.64.147.142

However this additional record contains the wrong ip! As said previously, my dns server is 100.108.108.176.

I tried to add a record of the following form to ZoneEdit so it knows the correct IP:

ns.corporate.com. A 100.108.108.176

but since it is not under *.example.com, I'm not sure where to add this.

Let me know if I'm on the right track.

Thanks

 

[sandy]

Hi there

you have zoneedit nameservers delegated at the domains registrar but do not have the same ns records inside the actual zone file:
dig @dns1.zoneedit.com ns sb.example.com

; <<>> DiG 9.6-ESV-R4-P3 <<>> @dns1.zoneedit.com ns sb.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19060
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;sb.example.com. IN NS

;; ANSWER SECTION:
sb.example.com. 3600 IN NS example.ns.com

you could have NS records for sub domains in the zone pointing to non zoneedit nameservers but if the NS records are for the root domain then they need to be done at the domains registrar.

I hope this helps.

thanks
sandy

 

[gfcpetest]

If I understand you correctly, since I have purchased the domain with google domains, they control what gets put into the domains registrar. In order for this to work correctly, I have to get them to put my corporate DNS server into the domains registrar rather than what I currently have, which is ZoneEdit is in the domains registrar and ZoneEdit points to corporate DNS server. There is conflicting information on who is the name server for example.com.

Alternatively, the private DNS could lose control of root, but gain authoritative control over a subdomain from ZoneEdit, like *.sb.example.com.

To do this I would return the ZoneEdit NS records to something like the following:
example.com. NS LOCAL
sb.example.com. NS ns.corporate.com.

Thanks for your help

 

[sandy]

hi again

for:
To do this I would return the ZoneEdit NS records to something like the following:
example.com. NS LOCAL
sb.example.com. NS ns.corporate.com.

that would be correct.

this way the root domains zone file is handled by zoneedit and the sub domain sb.example.com would have DNS provided by a different authoritative nameserver.

thanks
sandy