Conflict among subdomains?

Joseph S D Yao jsdy at cospo.osis.gov
Fri Oct 29 21:10:52 UTC 1999


> I'm a totally non-techno end user who is trying to find out some
> information that my campus techno people don't seem to know.  I'm trying
> to find out if what I want is possible, and if so, what I need to tell
> them so they will know how to do it.
> 
> I run a small webserver on a PowerMac (strong.uncg.edu).  "strong" is
> our organization, and for clarity and group identity among our members I
> want to have the other machines in the organization given names like, say,
> mercury.strong.uncg.edu, venus.strong.uncg.edu, earth.strong.uncg.edu,
> etc.  But these other machines are not subordinate on the physical
> network to strong.uncg.edu; they are just other machines on the campus
> uncg.edu network.  (I don't know the technical language here, so what
> I'm saying may make no sense.)

This is certainly possible.  [Except that, in "real" networking - as
opposed to Microsoft networking - machines are not subordinate to each
other on the physical network.  ;-)]

YOU MUST REMEMBER, however, that their primary responsibilities are to
maintain the network properly and to follow University policies.  If
there is anything in this naming that violates any University or
Department policies, or even if taking the time to do this would take
time from their required duties, they are perfectly within their rights
to say "no".  They may not even be required to tell you why.

Having said that ...  ;-)

Forgive the length of the following, but you did stress that you were
non-technoid to a fault.

DNS does a mapping of things to other things.  The usual such mapping
is from computer names to IP addresses - the numbers that tell where
and in which network a computer is located.  Another, often called
reverse DNS, is from the IP addresses to the names.

There are, what now, millions or billions of computers in the world?
You can see that no one list could contain all of them, even if people
would stop changing them around every second.  ;-)  So DNS is
"distributed" among all the domains that use it.  A given domain (like
"uncg.edu") is expected to maintain its own DNS databases.  It may also
maintain DNS databases for its sub-domains, or it may delegate that
duty to a different name server for any given sub-domain.

Your proposed "strong.uncg.edu" would be one such subdomain.  If the
primary maintainers want to keep the new names in their DNS files, they
could have it all in one file:

bio			IN A	x.x.x.v
chem			IN A	x.x.x.w
strong			IN A	x.x.x.x
earth.strong		IN A	x.x.x.y

or spin "strong" off into another file which they would maintain in the
manner I'll describe below, when talking about delegation.

If one of their issues is that they have an existing naming scheme that
helps with their system maintenance, that's also fine.  Those names are
their "canonical names".  They can set up aliases, as:

bio			IN A	x.x.x.v
chem			IN A	x.x.x.w
strong			IN A	x.x.x.x
dorm5504		IN A	x.x.x.y
earth.strong		IN CNAME	dorm5504

If they choose to "delegate" the handling of these names to you, then a
few more layers of complexity come in.  You must have a system on the
network which will run name server software, e.g., BIND 8.2.2 [the
subject of this mailing list].  You must buy a copy of Albitz & Liu's
"DNS and BIND", 3rd ed., which is to date the best book on the subject,
and read it.  You must have your "strong.uncg.edu" zone defined.  [A
"zone" is a domain that has a separate file defining it.  ;-)]

BIND 8.2.2 will run on any of the dozens of commercial and free Unix
and Unix-like systems out there [Solaris, Tru64 Unix, HP-UX, Linux,
FreeBSD, etc.].  It also runs on the "NT" version of some proprietary
system out of Redmond WA.

In named.conf:
=======================================================================
...
zone "strong.uncg.edu" IN {
	type master;
	file "zone.strong";
};
...
=======================================================================

In zone.strong:
=======================================================================
$TTL		1d		; default time-to-live is 1 day, e.g.
@		IN SOA	...	; see book for format
		IN NS	[name of the name server]
		IN A	[IP address of strong.uncg.edu]

earth		IN A	[its IP address]
...
=======================================================================

Your campus admins will have no problem declaring that the server for
strong.uncg.edu is your server system.  HOWEVER ...

If the machines' IP addresses bear no relationship to each other (e.g.,
they are not all on the same segment of the network), then it will be
very hard for you to do the "reverse DNS" mapping of IP address to
name.  Depending on how fragmented your address space is, they may even
just wish to do the reverse mapping themselves, and have you notify
them whenever you make changes to your zone files.

Alternately ... isn't it wonderful that open sources and open standards
give us so many more options than closed, proprietary things? ... there
is no rule that a machine may have just one name.  As with the CNAME
example above, your campus administrators may just keep a "canonical"
name in their databases, along with a pointer back to it in reverse
DNS.  And you would only have to maintain the forward DNS.

I hope that this helps.

--
Joe Yao				jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support					EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
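
[Added example, not part of the original message or of BIND: a small offline check of the arrangement described above, where the names under strong.uncg.edu are aliases and the campus zone keeps the canonical names and the reverse (PTR) records. It flags aliases whose target has no address and addresses whose PTR does not point back to the canonical name. The addresses are constructed documentation addresses, and dorm5505, dorm9999 and oldname are hypothetical names.]

```python
import ipaddress

# Constructed sample data: names follow the post, addresses are RFC 5737
# documentation addresses, and dorm5505/dorm9999/oldname are hypothetical.
FORWARD_ORIGIN, REVERSE_ORIGIN = "uncg.edu.", "2.0.192.in-addr.arpa."
FORWARD_ZONE = """\
strong          IN A      192.0.2.10
dorm5504        IN A      192.0.2.54
dorm5505        IN A      192.0.2.55
earth.strong    IN CNAME  dorm5504
venus.strong    IN CNAME  dorm5505
mars.strong     IN CNAME  dorm9999
"""
REVERSE_ZONE = """\
10   IN PTR  strong.uncg.edu.
54   IN PTR  dorm5504.uncg.edu.
55   IN PTR  oldname.uncg.edu.
"""

def qualify(name, origin):
    """Relative names get the zone origin appended, as in a zone file."""
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def parse_zone(text, origin):
    """Parse 'owner IN TYPE rdata' lines into {(fqdn, type): rdata}."""
    records = {}
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # strip ';' comments
        if len(fields) == 4 and fields[1] == "IN":
            owner, _, rtype, rdata = fields
            # CNAME and PTR targets are names, so they are qualified too
            rdata = rdata if rtype == "A" else qualify(rdata, origin)
            records[(qualify(owner, origin), rtype)] = rdata
    return records

def check_name(name, forward, reverse):
    """Follow name -> canonical name -> A -> PTR and report the outcome."""
    canonical = forward.get((name, "CNAME"), name)
    addr = forward.get((canonical, "A"))
    if addr is None:
        return f"dangling: {canonical} has no A record"
    ptr = reverse.get((ipaddress.ip_address(addr).reverse_pointer + ".", "PTR"))
    if ptr != canonical:
        return f"mismatch: {addr} reverses to {ptr}, not {canonical}"
    return f"ok: {canonical} <-> {addr}"

def audit():
    fwd = parse_zone(FORWARD_ZONE, FORWARD_ORIGIN)
    rev = parse_zone(REVERSE_ZONE, REVERSE_ORIGIN)
    return {n: check_name(n, fwd, rev) for n, _ in fwd if n.endswith("strong.uncg.edu.")}
```

Calling audit() returns one result line per name at or under strong.uncg.edu; anything other than "ok" is a record to raise with whoever maintains the other half of the mapping.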