Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.



Forward subzone inside Authorative zone

New Member
Posts: 1
1919     0



Within our default internal DNS view, I created a forward subzone (fe: inside an authorative zone (fe: 

This does not seem to work as expected. 

When trying to resolve, nothing gets forwarded and I'm getting a "Non-existent domain" response. 
Forwarders are set to working public DNS servers. Firewalls are open.

Forwarding members are set as our internal DNS grid members. 

Is this setup supposed to work?
Kind regards, 
Lode (Belgium)

Re: Forward subzone inside Authorative zone

[ Edited ]
Posts: 81
1920     0



When your query for is processed by named, it finds that there's an authoritative domain for & will try to resolve the query authoritatively. In the absence of something like an NS record for within the zone database for, it doesn't know that it should be sending that query to your conditional forwarder - so NXDOMAIN is reasonable. While I do not know what NIOS version is your system running on, can you edit the conditional forwarder for "" -> Go to "Forwarders" -> Below your forwarder IP address(s), you might see 2 options :


1) An option which says "Disable auto-generation of NS records in parent authoritative zone". This specific option has to be "Unchecked"(If not already). The expectation is, when you uncheck that option, you should see an NS record for "sub" within's "Records" list(Make sure that you could see it when you go to's records).


2) Ensure that you Enable "Forwarders only".


Clear the cache(Either fully or for the respective domains) & start a packet capture on your server which receives the query & is expected to contact your forwarder to resolve You should see the query for going to the forwarder configured. 


Best regards,


Showing results for 
Search instead for 
Did you mean: 

Recommended for You