Options for the default record

[Kevin Darcy]

kddubose at hotmail.com wrote:

> I'm looking for what options one might have for the default record in
> a zone.  For example, can one, through use of the default force the
> query of another nameserver?  Say you want to have anyone doing a
> lookup on foo.com be forced to query another nameserver  say myco.com
> without messing with any of the other records in that zone?    Is this
> possible?

No, this is not possible. You can delegate individual names explicitly,
e.g. foo.example.com can be delegated as a subzone to some other
nameserver, from the example.com zone, and as long as you are denying
recursion to the client, it should go off and ask the other nameserver
about the name, if it is capable of doing so. Note that foo.example.com
would need to be defined as a zone on the other nameserver -- if it
answered the foo.example.com query from a rogue copy of the example.com
zone, then that would be flagged as erroneous, since delegation is always
*down* the namespace hierarchy, not up or sideways.

You can also have a wildcard entry (is that what you meant by "default
record"?) which resolves all non-existing names in a particular zone to
the same address, or same set of MX targets, or whatever, depending on
the relevant record type. But you cannot combine these two mechanisms in
an unholy union to produce a "wildcard delegation" -- that wouldn't make
sense anyway, since you need to define each delegated subzone explicitly
on the delegated nameserver(s), and it's not feasible to define every
*possible* subzone there.


- Kevin