stealth NS, delegated zone and forward zone
Kevin Darcy
kcd at daimlerchrysler.com
Tue Feb 7 21:48:21 UTC 2006
Frank Y.F. Luo wrote:
>two questions and thanks for the reply in advance.
>
>1) since stealth name server is not listed as the NS record in the zone
>file, so where do we define a name server as a stealth one?
>
There are two types of slave servers: published slaves and stealth
slaves. If you're in the NS records for the zone, you're a published
slave; otherwise you're a stealth slave. There is no extra "definition"
required to make a slave a stealth slave: just define the nameserver
instance as a slave, and leave it out of the NS records.
>2) How can we determine a zone is a delegated zone or a forward zone,
>instead of secondary authoritative zone?
>
>
Either a nameserver instance is authoritative for a given zone, or it is
not. If it is authoritative, it should answer with the AA bit on in its
responses. Now, if a nameserver instance is authoritative for a given
zone, you can't tell for sure whether it's master or slave, but why do
you care? That's something that matters to the authoritative servers
themselves, but DNS clients shouldn't care about the distinction. Sure,
the MNAME field of the SOA RR should designate the master, but this is
advisory at best.
If a nameserver instance is *not* authoritative for a particular zone,
then there are multiple ways that it can still resolve names in the
zone. It could be set up to forward queries to some other nameserver
instance(s), it could be set up as a "stub" for the zone (where it only
replicates the "top" of the zone, i.e. SOA and NS records, and figures
out the rest via iterative resolution), or it could just resolve names
in the zone through pure iterative resolution, where maybe the only
"hardcoded" information is the "hints" information for the root zone,
used at startup.
You also mentioned "delegated". A delegated nameserver for a zone *must*
be authoritative for the zone, otherwise it's what we call a "lame
delegation".
So, with that background information established, would you like to
rephrase your question?
- Kevin
More information about the bind-users
mailing list