Stub zones again: Delegation and RFC compliance?
David Carmean
dlc at halibut.com
Mon Feb 7 20:43:40 UTC 2005
The department that parents my internal domain is "upgrading" their authoritative
nameservers, but it appears that they're still using stub zones to perform the
delegation. This is apparent by the lack of NS records for my domain when I
perform a zone transfer of the parent domain.
Now, this "works" for "normal" lookups, because the parent server returns
the correct NS records anyway, having cached them in the stub zone data after
retrieving them from my authoritative servers for the child domain. But
is the lack of delegating NS records (and glue?) in the parent zone
out of compliance with any RFCs? Will it break anything in DNSSEC, for
example?
I am hoping that stub zones continue to be supported for their use in
place of "forward" zones in split-view domains; their ability to cause
the resolving server to learn the internal auth server heirarchy is valuable
to me. But if I continue to use them for this function, how can I convince
the other DNS admins internally not to use them for delegations?
Thanks.
More information about the bind-users
mailing list