non-delegating NS records

Cricket Liu cricket at acmebw.com
Fri Jun 9 18:21:37 UTC 2000 

> Could someone clarify a few questions.  I have that feeling that I'm
> missing something really, really obvious in my understanding of bind.
>
> In a zone file what is the point of the NS records when not delegating to
> another name server?
>
> For example,
>
> $ORIGIN hank.org.
> @ IN NS  ns1.hank.org.
>        IN NS  ns2.hank.org.
>        IN NS  ns1.granitecanyon.com.
>
>
> Say a request comes in to the bind running on ns1.hank.org:
>
> - Bind already knows it's authoritative for the zone because of the
> "master" or "slave" in named.conf.  So it doesn't need to see that ns1
> (itself) is in its zone file.
>
> - The requester (remote resolver) doesn't need to know the name of
> ns1.hank.org as it already knows that (from the parent/root server) and is
> currently talking to ns1.hank.org anyway.
>
> - The requester doesn't really need to know that ns2.hank.org is also
> authoritative for the zone because a) it should know that from the
> parent/root delegation, and b) it is already talking to an authoritative
> server (ns1) and therefore shouldn't need to talk to ns2.

True, but the list of NS RRs from the delegator might
not match the list in the zone.  In this case, the name
server that followed the referral will replace the delegator's
list with the list from the authoritative name server, which
has higher credibility.

> The only feature I can think of is that those DNS entries allow Bind to
> send NOTIFY notice to ns2.hank.org when there's a zone file change.  Or
> maybe allow you to make other name servers available that aren't
officially
> delegated to in the parent server.

Yes, the NS RRs are also used by NOTIFY to figure
out which name servers are running slaves.

> But neither of those are very good reason.  So clearly I'm missing
something.

NOTIFY isn't a very good reason?  I disagree.

cricket

Acme Byte & Wire
cricket at acmebw.com
www.acmebw.com

Attend the next Internet Software Consortium/Acme Byte & Wire
DNS and BIND class!  See www.acmebw.com/training.htm for
the schedule and to register for upcoming classes.

More information about the bind-users mailing list