cname quick question

[Erik Aronesty]

As I've been trying to point out for many, many weeks now - despide being
trashed by the "nominum" crowd.

If CNAMEs are at the root of a zone, care *must be taken* to ensure that the
NS records at the root of a zone that contains a CNAME must match, exactly,
the NS records for the "parent".  IE: you can not use NS records for
"delegation" in a zone where there is a CNAME at the root, only for
"authority" or "glue".  This prevents the potential for ambiguity that such
a zone can cause - and will work with the current resolver algorithm.

        - Erik

----- Original Message -----
From: "Danny Mayer" <mayer at gis.net>
To: "glen herrmannsfeldt" <gah at ugcs.caltech.edu>;
<comp-protocols-dns-bind at uunet.uu.net>
Sent: Tuesday, March 06, 2001 10:46 PM
Subject: Re: cname quick question


>
> At 06:21 PM 3/6/01, glen herrmannsfeldt wrote:
> >Jim Reid <jim at rfc1035.com> writes:
> >
> >(snip)
> >
> > >Like Tal Dayan, you are being obtuse or deliberately provocative.
> > >Please *read* the extract from RFC1034 above. Now *think* about what
> > >it says and what that means. Pay particular attention to the last
> > >sentence. Hint: suppose clueless.example.com was a CNAME pointing at
> > >moron.example.net. That CNAME is cached by some name server. It can
> > >safely use that cached CNAME without having to query the example.com
> > >name servers to check that no other record types exist for
> > >clueless.example.com.
> >
> >It would seem that the problem is political and not technical.
>
>          No, the problem IS technical.  A large number of problems are now
showing
> up where people are getting transfer errors when trying to update the
slave servers.
>
>          Danny
>
>
>
>