delegation NS records

Bob Harold rharolde at umich.edu
Mon Jul 17 17:52:27 UTC 2017


On Thu, Jul 13, 2017 at 8:39 PM, <bind at zq3q.org> wrote:

> Hi Bob:
>
> These examples help!  Thank you.
>
> On Thu 7/13/17 15:53 -0400 Bob Harold wrote:
> > Let's illustrate one NS record, for each of the cases:
> > (I think your case is #2)
> >
> > 1. Name server name inside the domain itself
> >
> > example.com zone:
> > example.com IN NS ns.example.com
> > ns.example.com IN A x.x.x.x
> >
> > the TLD com would have (entered by the registrar)
> > example.com IN  NS ns.example.com
> > ns.example.com IN A x.x.x.x   (this is a "glue" record)
>
> OK.  This example is the most commonly seen in web searches.
>
> > 2. Name server name in another domain:
> >
> > example.com zone:
> > example.com IN NS ns.otherdomain.com
> >
> > TLD com zone:
> > example.com IN NS ns.otherdomain.com
> > (no glue record)
>
> Exactly one delegation NS record.
>
> Several have made that clear; ie I now clearly understand there is
> *not* another NS delegation record needed in the zone with the $ORIGIN
> that is part of the ("non vanity") nameserver's FQDN.
>
> > otherdomain.com zone:
> > ns.otherdomain.com IN A x.x.x.x
>
> Almost goes without saying that  above A record is needed.
>
> > 3. Sibling domains with name servers for each other: (should be avoided?)
> >
> > example.com zone:
> > example.com IN NS ns.otherdomain.com
> > ns.example.com IN A x.x.x.x
> >
> > otherdomain.com zone:
> > otherdomain.com IN  NS ns.example.com
> > ns.otherdomain.com IN A x.x.x.x
> >
> > TLD com zone:
> > example.com IN NS ns.otherdomain.com
> > ns.example.com IN A x.x.x.x  (glue record?)
> > ns.otherdomain.com IN A x.x.x.x (glue record?)
>
> Interesting.  I think the glue record make sense.
> I'm not planning to do this. :->
>
> I do not see any delegation NS record for otherdomain.com above.
> Is this right?:
>
>     TLD com zone:
>     example.com        IN NS ns.otherdomain.com
>     ns.example.com     IN A x.x.x.x  (glue record?)
>     otherdomain.com    IN NS ns.example.com
>     ns.otherdomain.com IN A x.x.x.x (glue record?)
>
> --
> thanks,
> Tom
>

You are correct, the TLD needs the records that you show.

And as others have said, there should be at least 2 or 3 name servers for
every zone, and they should be on different networks.  I was trying to show
the various cases that apply to each *one* of the NS and glue records.

-- 
Bob Harold
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20170717/4bc52abb/attachment.html>


More information about the bind-users mailing list