How does a child find its parent?
Mark Andrews
marka at isc.org
Wed May 9 01:51:48 UTC 2012
In message <3C6F299B652A4E71B1AF8BBCE9380210 at netadmin.bart.gov>, "Mike Bernhardt" writes:
> Reading the section on delegation in the O'Reilly book, I'm confused about
> something: The parent is configured to delegate the subdomain to the child
> with glue records, etc. But how does the child know who to ask if a host in
> the subdomain requests a record in the parent zone? They don't show any
> configuration example for that other than making the child a slave for the
> parent zone.
Firstly all nameservers should be configured with rootservers. Both
authoritative and recursive servers, in general, need this knowledge.
Hosts in the subdomain ask the local recursive server. This may
or may not be the same machine that is serving the child zone. The
recursive server will then work down from the root / closest
configured zone to get the answer. Hosts should not be configured
to talk to authoritative only servers.
Others have mentioned that you shouldn't mix recursive and authoritative
modes. This isn't quite correct. The official servers for a zone,
listed in the NS RRset, should be authoritative only. There is no
issue with a recursive server having a copy of a zone so long as
it is not listed in any NS records and it is configured to be updated
when the zone contents change preferably by having the servers it
is transfering the zone from configured to sent it NOTIFY messages.
Changes to the zone are then available nearly instaneously rather
than after waiting for the TTL to expire. Often the master for
the child zone is the recursive server operating in what is called
"stealth mode". All the listed servers for the zone transfer from
it.
Now if a authoritative servers needs to look up a address they do
the same thing as recursive servers, iterate down from the root /
closest configured zone. Named does this when it needs to send out
NOTIFY messages to nameservers it doesn't have addresses for. named
can also be configured to use the local recursive server by specifying
them in a forwarders clause and setting "forward only;". In either
case it caches the answers internally.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list