BIND 8.x, security, and delegations
Barry Margolin
barmar at bbnplanet.com
Mon Jun 14 19:22:29 UTC 1999
In article <3761196D.BD6E2E7D at jax.org>, Gregg TeHennepe <gat at jax.org> wrote:
>My understanding is that a query on a hostname in the informatics.jax.org domain
>should be asking my nameservers for the NS records for that domain and the
>associated glue records, and then the hostname A record query should be sent to
>one of the NSs for that domain, not my nameserver.
That's not how it works. How is the querier supposed to know that
informatics.jax.org has its own nameservers? The way it works is that they
ask your server for the A record of www.informatics.jax.org. If your
server has the information and they're authorized to query in that zone,
your server will respond; if the subdomain is delegated and your server
doesn't have the answer, it should return a referral containing the NS
records, and then the querier will retry by asking those servers.
I'm not sure why your server is rejecting these queries, though. Like I
said, it should respond to them with the NS records for the subdomain.
P.S. Why did you thread this to a completely unrelated message (it was
titled "Help" -- you posted this as a reply, although you changed the
Subject)?
--
Barry Margolin, barmar at bbnplanet.com
GTE Internetworking, Powered by BBN, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
More information about the bind-users
mailing list