delegation-only message
Ketil Froyn
isc_bind at ketil.froyn.name
Wed Apr 7 09:30:40 UTC 2004
On Wed, 2004-04-07 at 00:02, Paul Vixie wrote:
> hoch at exemplary.invalid (CharlesH) writes:
>
> > enforced delegation-only for 'com' (ns1.swqj.com/A/IN) from 192.12.94.30#53
>
> > I believe these are due to glue records remaining behind when a domain
> > is suspended (swqj.com, in this case), for the sake of other still active
> > domains which use that name server.
>
> yes.
>
> > My question is this: Is the delegation-only functionality flawed in that
> > it disallows perfectly valid situations, or is keeping the glue record
> > around an inappropriate action by the registrar of the suspended domain?
>
> delegation-only is a dangerous option and it could even be called flawed in
> that it violates the dns data model (which calls for zone-level autonomy).
>
> the registry's action (keeping an A RR around even on an expired zone) is
> also a violation of the dns data model (since, given zone-level autonomy,
> the final arbiter of the existence of the glue name is the zone, which is
> missing.) however, removing this glue usually breaks other zones that are
> currently working (since their NS RR starts to dangle.)
It is not expired, it is on REGISTRAR-HOLD. Since the dns data model
doesn't define how to treat a domain on REGISTRAR-HOLD, aren't the
registry/registrar entitled to be as considerate as possible? I wouldn't
say there's anything wrong with this behaviour.
As you say, if the glue were to be taken out of the com-zone, some
domains would stop working:
;; QUESTION SECTION:
;biznics.com. IN A
;; AUTHORITY SECTION:
biznics.com. 172800 IN NS ns1.swqj.com.
biznics.com. 172800 IN NS ns2.swqj.com.
biznics.com. 172800 IN NS ns3.swqj.com.
;; ADDITIONAL SECTION:
ns1.swqj.com. 172800 IN A 218.15.192.180
ns2.swqj.com. 172800 IN A 61.166.69.154
ns3.swqj.com. 172800 IN A 219.147.198.132
;; Query time: 96 msec
;; SERVER: 192.5.6.30#53(a.gtld-servers.net)
;; WHEN: Wed Apr 7 10:18:06 2004
;; MSG SIZE rcvd: 136
Ketil Froyn
ketil at froyn.name
http://ketil.froyn.name/
More information about the bind-users
mailing list