mail us  |  mail this page

contact us
training  | 
tech stuff  | 

BIND 9 Support

HOWTO - Configure Sub-domains (a.k.a subzones)

This page describes sub-domain configuration, where sub-domain addressing structures are defined as being:

You have a choice of two strategies for handing such sub-domain addressing structures:

  1. Fully delegate the sub-domain - in this case you will need to add the subdomain's NS RRs and, depending on the method, corresponding A/AAAA (glue) RR(s) to the domain zone file, one or more name servers for the sub-domain and a subdomain zone file.
  2. Create a virtual (or pseudo) sub-domain - in this case you will define the sub-domain's configuration, as well as the main zone configuration, in the domain zone file.

This page describes configuring a virtual sub-domain which means the main domain and the subdomain definition are included in a single zone file - it requires no new name servers, no NS RRs and no A/AAAA (glue) RRs. The negative is that any change in either the zone or the subdomain will require a zone reload, whereas with fully delegated zones changes in either the zone or the subdomain will only require a reload of, respectively, the zone or the subdomain.

Zone Name Server Configuration

The primary name server for our domain is running BIND and has a named.conf file that defines the zone.

Note: We received some mail which suggested that we show the explicit use of the allow-transfer statement in these configurations. The samples in Chapter 6 all show this statement in use but for anyone just using this section we have included it for the sake of completeness.

Zone Name-Server named.conf

The named.conf file will contain statements similar to the following fragment:

// named.conf file fragment
options {
    // stop zone transfer from all sources
    allow-transfer {"none";};
zone "" in{
   type master;
   file "master/";
   // explicitly allow zone transfer from the slave
   allow-transfer {;};

Zone Name-Server Zone Files

The file '' (or whatever naming convention you use) will contain our domain and sub-domain configuration with, say, a couple of name servers.

; zone fragment for 'zone name'
; name servers in the same zone
$TTL 2d ; zone default TT = 2 days
@              IN      SOA (
               2003080800 ; serial number
               2h         ; refresh =  2 hours 
               15M        ; update retry = 15 minutes
               3W12h      ; expiry = 3 weeks + 12 hours
               2h20M      ; minimum = 2 hours + 20 minutes
; main domain name servers
              IN      NS
              IN      NS
; mail servers for main domain
              IN      MX 10
; A records for name servers above 
ns1           IN      A
ns2           IN      A
; A record for mail servers above 
mail          IN      A
; other domain level hosts and services
bill          IN      A
; sub-domain definitions
              IN      MX 10  mail
; record above uses blank substitution 
; and could have been written as 
;   IN  MX 10
; OR (using @ substitution)
; @ IN MX 10 mail
; A record for subdomain mail server
mail          IN      A
; the record above could have been written as 
; A if it's less confusing
ftp           IN      A 
; the record above could have been written as 
; A if it's less confusing
; other subdomain definitions as required 
; WARNING: $ORIGIN affects all subsequent RRs until
; either another $ORIGIN or EOF
; adding $ORIGIN resets the $ORIGIN to the base domain name 

Additional sub-domains could be defined in the same file using the same strategy. For administrative convenience you could use $INCLUDE directives e.g.

; snippet from file above showing use of $INCLUDE
; other domain level hosts and services
bill          IN      A
; sub-domain definitions
$INCLUDE us-subdomain.sub
; other subdomain definitions as required 

Problems, comments, suggestions, corrections (including broken links) or something to add? Please take the time from a busy life to 'mail us' (at top of screen), the webmaster (below) or info-support at zytrax. You will have a warm inner glow for the rest of the day.

Pro DNS and BIND by Ron Aitchison


tech info
guides home
dns articles
1 objectives
big picture
2 concepts
3 reverse map
4 dns types
5 install bind
6 samples
7 named.conf
8 zone records
9 howtos
10 tools
11 trouble
12 bind api's
13 dns security
bits & bytes
15 messages
notes & tips
registration FAQ
dns resources
dns rfcs
change log

Creative Commons License
This work is licensed under a Creative Commons License.

If you are happy it's OK - but your browser is giving a less than optimal experience on our site. You could, at no charge, upgrade to a W3C STANDARDS COMPLIANT browser such as Firefox




Icons made by Icomoon from is licensed by CC 3.0 BY
share page via facebook tweet this page


email us Send to a friend feature print this page Display full width page Decrease font size Increase font size



Debian Linux


GNU-Free SW Foundation


Open Source Initiative
Creative Commons


Ibiblio - Library
Open Book Project
Open Directory


CSS Technology SPF Record Conformant Domain
Copyright © 1994 - 2024 ZyTrax, Inc.
All rights reserved. Legal and Privacy
site by zytrax
hosted by
web-master at zytrax
Page modified: May 16 2022.