Claiming Authority for root
Jim Reid
jim at rfc1035.com
Thu Jun 29 19:50:47 UTC 2000
>>>>> "Barry" == Barry Margolin <barmar at genuity.net> writes:
Allen> When a reply is given, my name server claims authority for
Allen> the (root) domain. Will other name servers on the internet
Allen> see this information and start asking me for all of it's
Allen> root requests?
>> Only if they're stupid enough to ask your name server about
>> the root zone or forward queries to your server. And as soon as
>> they do that, they'll see your name space rather than the real
>> one on the Internet.
Barry> They might send queries to domains that are delegated to
Barry> his server, and it might include root NS records in the
Barry> Authority Section, and they could get cached.
Well maybe. But I think it's highly unlikely that the server would
return NS records for "." in the Authority Section in the answers to
those queries. I suppose if they *really* screwed up their name server
by putting everything in a local "." zone - which appears to be what
they are doing! - and only having NS records for "." in that zone,
then this could result in bogus root NS records in the authority
section. And these bogus records could of course get cached. Hopefully
nobody would mess things up that badly. Then again, there's always the
prospect that someone will uncover new depths in broken zone files and
name server set-up.
More information about the bind-users
mailing list