Kevin Darcy kcd at
Fri Mar 31 21:49:20 UTC 2000

I don't see that "DNS Exceptions" break the RFCs in any way. The RFCs just say that the AA bit should be turned on when answering from authoritative data, but do not specify that all or any of the data has to reside on the server whose response has the AA bit set. If an implementation wants to split authoritative data between servers, have at it.

If the "views" mechanism described in the _DNS_and_BIND_ book is implemented by BIND 9 more-or-less intact, then BIND should have this "DNS Exception" capability, so perhaps we're just talking about a temporary feature absence.

As for "multimaster DNS", depending on how you define that term, either it already exists within the RFCs or it's just an implementation issue outside the scope of the RFCs. So I don't see any violations there.

- Kevin

Johnny Fribert Lauridsen wrote:

> Wow, you seem really sure about this Joe.  Big 'NO', big 'AUTHORITY', etc.
> Some implementations do actually support DNS Exceptions, so that this problem can be handled, selectively.
> I actually tried one, hands-on and all.
> May not be strictly RFC, but I think you will see that the market will demand more functionality in DNS than
> currently is RFCed.  Does multimaster DNS also spring to mind?
> I do not think that anyone should be too RFC-tight these days with Win2000 rolling out.  Things will happen in the
> DNS arena, whether or not IETF follows (they probably will, because the market-place needs them to - If they do not,
> well, I hate thinking that thought to the end).
> my 2 cents,
> Johnny
> At 15:49 31/03/2000 -0500, Joseph S D Yao wrote:
> >On Fri, Mar 31, 2000 at 01:27:03PM -0600, Jay C Austad wrote:
> > > Is there a way to set up our internal dns server (that thinks it's authoritative for, query another nameserver for the address if it doesn't have it?
> > >
> > > Say a user requests, which doesn't have an internal ip, so it's not in the internal dns, can the DNS server go look somewhere else (i.e. the external DNS server)  for it and return it to the user?
> >
> >NO.
> >
> >Sorry, this has been asked so many times ...
> >
> >An authoritative server is just that.  Authoritative.  It is the
> >authority, THE authority, the AUTHORITY, the server that knows
> >EVERYTHING there is to know about the domain.  There is no such thing
> >as a fractional authority.  It is ALL or NOTHING.
> >
> >The logical extension of this is that, once you have asked the
> >Authoritative Server about the name, there is no need to ask anybody
> >else.  The Authoritative Server knows all, tells all.  If it doesn't
> >know, then there is nothing to know.  It is Authoritative.
> >
> >The alternative would be to have a domain with, say, thirteen servers,
> >any three of which may be out of commission at any given time, wait to
> >query ALL of them for ANY hint of ANY possible information about a
> >name.  Sort of like, Mommy said no, let's wait for Daddy to get up and
> >then we'll ask him, and if we don't like the answer, we'll pedal over
> >to Grandpa's house and wait for HIM to get up and ask him.  There isn't
> >enough time in the world to do it this way.  ;-)
> >
> >Your alternatives, in your case:
> >
> >(1) make sure that the internal name server replicates all information
> >from the external name server.  This has to be done manually, or with
> >something that you write, so as not to lose internal DNS information.
> >This may be a pain, if you have large groups of hosts both places.
> >(2) make inside and outside two separate domains, possibly one being a
> >subdomain of the other.
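
Alternative (1) in the quoted reply, copying the external zone's records into the internal zone without losing internal data, worked through as an added example (not code from anyone in this thread). The example.com zone contents and the `parse` and `merge` helpers are constructed for illustration, and the parser assumes one record per line with an explicit owner name.

```python
# Constructed sample zones for example.com (private and documentation addresses).
INTERNAL = """\
@       IN SOA ns-int hostmaster 2000033101 3600 900 604800 3600
@       IN NS  ns-int
ns-int  IN A   10.0.0.53
www     IN A   10.0.0.80
ftp     IN A   10.0.0.21
"""
EXTERNAL = """\
@       IN SOA ns-ext hostmaster 2000033001 3600 900 604800 3600
@       IN NS  ns-ext
ns-ext  IN A   192.0.2.53
www     IN A   192.0.2.80   ; public address, must not replace 10.0.0.80
mail    IN A   192.0.2.25
@       IN MX  10 mail
ftp     IN CNAME www        ; would clash with the internal A record
"""

def parse(text):
    """Parse 'owner [ttl] [IN] type rdata' lines into (owner, type, rdata)."""
    records = []
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop comments (no ';' in rdata)
        rest = fields[1:]
        while rest and (rest[0].isdigit() or rest[0].upper() == "IN"):
            rest = rest[1:]                      # skip optional TTL and class
        if len(rest) >= 2:
            records.append((fields[0].lower(), rest[0].upper(), " ".join(rest[1:])))
    return records

def merge(internal, external):
    """Return internal records plus each external record that does not collide."""
    have = {(o, t) for o, t, _ in internal}
    owners = {o for o, _, _ in internal}
    cname_owners = {o for o, t, _ in internal if t == "CNAME"}
    merged = list(internal)
    for owner, rtype, rdata in external:
        if rtype == "SOA" or (owner == "@" and rtype == "NS"):
            continue    # the internal server keeps its own SOA and apex NS
        if (owner, rtype) in have or owner in cname_owners:
            continue    # internal data wins for this name and type
        if rtype == "CNAME" and owner in owners:
            continue    # a CNAME cannot coexist with other data at a name
        merged.append((owner, rtype, rdata))
    return merged

if __name__ == "__main__":
    for record in merge(parse(INTERNAL), parse(EXTERNAL)):
        print(*record)
```

The merged zone still needs its SOA serial incremented before it is loaded, and the merge has to be rerun whenever the external zone changes.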
