zone files for subdomains...

bmanning at karoshi.com bmanning at karoshi.com
Sun Sep 14 19:53:56 UTC 2003


> Failing to make the delegation in the parent is completely and utterly
> wrong.

	wrong from the perpsective of a fully linked heirarchy
	that can be traversed, yes.

> No, it's not right. The authors of this software have a serious lack
> of clue about how the DNS works. It would be very unwise to use a tool 
> that's as badly broken as this.

	well, they are simply relying on an implementation fluke.

> If there's no delegation for some zone in its parent zone, that child
> zone simply does not exist. End of story. 

	Er, thats putting it a bit strong. If I ask a question of
	an authoritative server, it does not matter (in todays DNS)
	if the question is "unlinked" up the chain.  The zone exists
	and the authoritative server will answer for it.  

	i just can't walk the tree dwon from the root and get answers.

> This is a collection of accidents waiting to happen.

	Yup.

> ... it would be a hard problem for inexperienced
> administrators to troubleshoot.

	Yup again.  And when DNSSEC rolls out, this  "feature" will
	result in serious validation failures.

--bill


More information about the bind-users mailing list