using slave on un-published network??

Kevin Darcy kcd at daimlerchrysler.com
Wed Feb 7 01:10:49 UTC 2001 

Yes, all of Bob's corrections are of course valid. I need to get more
sleep...


- Kevin

Bob Vance wrote:

> Simmen,
>
> >why am i giving "@  IN A  123.123.123.123" insted of
> > ns1   IN  A   123.123.123.123
> > ns2   IN  A   321.321.321.321
> > or in other words when the A record of the NS is deefined
> > do we have to define it like "@  IN  A  123.123.123.123"
>
> This is kind of like asking,
>
>    "Why am I wearing brown shoes, instead of eating a sandwich?"
> :)
>
> The question seems to imply (at least to me :) that you think that using
> "@" is somehow related to the nameserver records ("NS") .
>
> >"@  IN A  123.123.123.123"
> and
> > ns1   IN  A   123.123.123.123
>
> really are totally unrelated.
>
> At the beginning of the zone file, you usually do a few things:
>   . define a default $TTL :)
>   . define an SOA record
>   . define the NS records (nameservers)
>   . for any of the above nameservers that are *in* this zone,
>     define an A (address) record -- just like you would for any other
>     hosts in this zone
>
> The "@" has no special significance for the above, other than that a
> freestanding "@" is shorthand for the zone's "current $ORIGIN".  It
> merely saves typing (and makes the zone file portable, if that's a
> desideratum).
>
> @  IN  A  123.123.123.123
>
> has nothing to do with the nameserver records (ns1 and ns2),
> just like
>
> yoho   IN  A  123.123.123.123
>
> doesn't.
>
> The "@" is merely replaced by the zone's "current $ORIGIN", which is
> "abc.net." at this point, and thus,
>
> @  IN  A  123.123.123.123
>
> is equivalent to
>
> abc.net.  IN  A  123.123.123.123
>
> This, in effect, is simply assigning an address to the domain name (as
> opposed to names *within* the domain).  This is typically used so that
> Internet users can use "abc.net" instead of "www.abc.net" in the URL to
> access your abc.net's web server (e.g., this is how "yahoo.com." goes to
> their web server).  E.g.,
>
> @    IN  A  1.2.3.8   ;  address for name  "abc.net."
> www  IN  A  1.2.3.8   ;  www also has that address and is the same host
>
> You are correct that the NS records *do* need corresponding A records,
> since they are in *this* zone:
>
> >   @   IN  NS   ns1.abc.net.
> >   @   IN  NS   ns2.abc.net.
> >   @   IN  A    123.123.123.123
>
> but the third line has nothing to do with satisfying that requirement.
> The additional records that you need are
>
> ns1  IN  A  1.2.3.4
> ns2  IN  A  1.2.3.5
>
> (or
> ns1.abc.net.  IN  A  1.2.3.4
> ns2.abc.net.  IN  A  1.2.3.5
> )
>
> So your zone file for abc.net. would look like:
>    ...
> @   IN  NS   ns1.abc.net.
> @   IN  NS   ns2.abc.net.
> @   IN  A    123.123.123.123
> ns1 IN  A  1.2.3.4
> ns1 IN  A  1.2.3.5
>
> FYI, I think that Kevin's answer may have had a couple of statements
> that could be misleading (correct me if I'm wrong, Kevin :) :
>
> 1.
> >when you use "@" on the righthand side  ...
> > ... but when you put "ns1" or "ns2" on the righthand side,
>
> I think that he meant "left-hand side", which relates to what you wrote.
>    (BTW, you *could* use freestanding "@" on the right side, as in:
>
> @   IN  A    1.2.3.4
>     IN  NS   @
>
>     In this case we've defined an address for the domain name, as
>     discussed above -- and that host is also a nameserver for the
>     zone.
>     but I don't think that that adds to the clarity in any way :)
>    )
>
> 2.
>
> >>  @  IN  NS  ns1
> >>             ns2
> >> ...can i ???
>
> >Sure. The parser substitutes "@" for the leading whitespace.
>
> Technically, the parser substitutes the owner name from the *previous*
> record for the leading whitespace.
> Of course the result is what Kevin said, because it just so happens that
> the previous record's owner was  "@"  :)
>
> But, just be sure to know that
>
> www  IN  A  1.2.3.7
>      IN  A  1.2.3.8
>
> is equivalent to :
>
> www  IN  A  1.2.3.7
> www  IN  A  1.2.3.8
>
> not
>
> www       IN  A  1.2.3.7
> abc.net.  IN  A  1.2.3.8
>
> -------------------------------------------------
> Tks        | <mailto:BVance at sbm.com>
> BV         | <mailto:BobVance at alumni.caltech.edu>
> Sr. Technical Consultant,  SBM, A Gates/Arrow Co.
> Vox 770-623-3430           11455 Lakefield Dr.
> Fax 770-623-3429           Duluth, GA 30097-1511
> =================================================
>
> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
> Behalf Of Kevin Darcy
> Sent: Monday, February 05, 2001 11:30 PM
> To: bind-users at isc.org
> Subject: Re: using slave on un-published network??
>
> simmen wrote:
>
> > hello all..
> > (hope u guys r all ok)
> > i have 3 questins...
> > 1.. what effect it will have on the DNS/primary if the secoundry is on
> an unpublished network....??
>
> Is it a *registered* slave or an unregistered one? If it's unregistered,
> then it shouldn't have any effect on the master at all (assuming there
> is connectivity between master and slave).
>
> If it's a *registered* slave, and no-one on the Internet can get to it
> because it's on an unpublished network, then, since DNS load-balances
> between nameservers, it means the other nameservers -- including perhaps
> the master -- will get all of the
> queries that would normally have gone to that slave spread amongst them.
> It will also slow down name resolution somewhat and potentially annoy
> people.
>
> Maybe you should use split DNS instead.
>
> > 2.. i am a bit confused about a thing...i.e
> > lets suppose i have multiple zones..(as masters)
> > lets say 1 is abc.net..and the other is xyz.net
> > my NS's r configured as nsp.abc.net//(P) and nss.abc.net//(S) in
> abc.net.
> > Now in the zone file of xyz.net i configure the NS record as
> > nsp.abc.net.&.nss.abc.net..(naturally)...but i dont give the A records
> for the nsp.abc.net..and nss.abc.net..because of the reason that when
> the NS record is found of the nsp amd nss in the xzy.net...the DNS will
> get the A  from the  abc.net ZONE...
> > am i right..till now..??? (if ! 0  then ..:-))what if put the A
> records of the nsp and nss next to the NS records in the xyz.net..
> > will that work...??? or will it still go to the abc.net for the A
> records...???
>
> If you put A records for nsp.abc.net and nss.abc.net in the xyz.net zone
> file, BIND will reject them as "out of zone data". They belong in the
> abc.net zone file (and possibly also in the nsp.abc.net and/or
> nss.abc.net zone files if those are delegated
> subzones).
>
> > 3..ok its the last 1..:-)
> >  // a zone file of abc.net...
> >
> >   @   IN  NS   ns1.abc.net.
> >   @   IN  NS   ns2.abc.net.
> >   @   IN  A    123.123.123.123
> >
> > 3.1>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > i know that i can  als o define it as
> >  @  IN  NS  ns1
> >             ns2
> > ...can i ???
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
>
> Sure. The parser substitutes "@" for the leading whitespace.
>
> > 3.2
> > why am i giving "@  IN A  123.123.123.123" insted of
> > ns1   IN  A   123.123.123.123
> > ns2   IN  A   321.321.321.321
> > ?????
> > or in other words when the A record of the NS is deefined
> > do we have to define it like "@  IN  A  123.123.123.123"
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
>
> No, when you use "@" on the righthand side (either explicitly or by
> following "@" entries with leading-whitespace entries), you're defining
> an A record for "@" (i.e. abc.net), but when you put "ns1" or "ns2" on
> the righthand side, you're defining an
> A record for "ns1.abc.net" or "ns2.abc.net". Even though the address for
> "@" and "ns1" may be the same, the names of the records are different.
>
>
>
>     - Kevin

More information about the bind-users mailing list