nameserver registration
Michael Sinatra
michael at rancid.berkeley.edu
Sun Jun 19 17:37:51 UTC 2011
On 06/18/11 19:22, Casey Deccio wrote:
> In particular, if the
> name of the name server is itself in the subzone, we could be faced with
> the situation where the NS RRs tell us that in order to learn a name
> server's address, we should contact the server using the address we wish
> to learn. To fix this problem, a zone contains "glue" RRs which are not
> part of the authoritative data, and are address RRs for the servers.
> These RRs are only necessary if the name server's name is "below" the
> cut, and are only used as part of a referral response.
How many levels "below the cut"?
> Even if referring servers return such RRs, they are considered
> out-of-bailiwick, and resolvers should resolve the names, rather than
> trust the additional RRs. i.e., .org servers should not be handing
> out RRs under .edu. Hence the dependencies, which can get long and
> complicated, but they're part of the DNS.
I didn't say that they should--only that the ORG registrar (or registry)
may have to enforce that glue exist in EDU and vice versa. That's the
point of sibling glue.
michael
More information about the bind-users
mailing list