[QUESTION] Delegating zone
Kevin Darcy
kcd at daimlerchrysler.com
Mon Feb 26 23:52:47 UTC 2001
Roy Arends wrote:
> On Mon, 26 Feb 2001, Paco Orozco wrote:
>
> > Hiya,
> >
> > I've got a domain, domain.com which is resolved by NS1.domain.com. I
> > want to delegate a subdomain called subdomain.domain.com. in three
> > servers NSS1.subdomain.domain.com. NSS2.domain.subdomain.com. and
> > NSS3.otherdomain.com.
> >
> > My question is: How and Where can i delegate authority to this
> > servers????
> >
> > In NS1.domain.com.:
> >
> > subdomain.domain.com. IN NS NSS1.subdomain.domain.com.
> > IN NS
> > NSS2.subdomain.domain.com.
> >
> > In NSS1/NSS2.subdomain.domain.com.:
> >
> > @ IN SOA NSS1.subdomain.com. admin. (
> > 2001022602
> > 14400
> > 1800
> > 2592000
> > 1800 )
> > IN NS
> > NSS1.subdomain.domain.com.
> > IN NS
> > NSS2.subdomain.domain.com.
> > IN NS NSS3.otherdomain.com.
> >
> > Is NSS3.otherdomain.com. authoritative of subdomain.domain.com.???
>
> This is a form of lame delegation though its not so harmfull. Yes,
> nss3.otherdomain.com. will be authoritative if its configured as such. Its
> however unlikely that nss3.otherdomain.com. ever will be queried, since no
> resolver will learn from ns1.domain.com that nss3.otherdomain.com. is
> authoritative.
Hmmm... Actually, won't the in-zone NS list, which includes the
nss3.otherdomain.com NS, overlay the delegation NS list the first time a
query is made for the zone? If so, then subsequent queries will in fact use
nss3.otherdomain.com as a nameserver for subdomain.domain.com (at least as
long as that NS list is still cached, of course)...
I agree, however, that the in-zone NS'es *should* match the delegation NS'es
and _vice_versa_.
- Kevin
More information about the bind-users
mailing list