NS record question
Roy Arends
Roy.Arends at nominum.com
Mon Mar 26 21:01:47 UTC 2001
On Mon, 26 Mar 2001, Bob Vance wrote:
> Roy said:
> >In the parent zone, there _has_ to be delegation records for the child
> >zone in any scenario, they should be identical copy of the NS records
> in
> >the childs apex.
>
> Actually, it appears that you do *not* have to have the NS records in
> the parent zone *file*, though -- only in the child zone *file*.
>
> This makes sense because, the NS records defined in child zone file will
> show up in the servers cache anyway, since it's on the same server.
>
> Thus, the NOTIFY issue that I raised couldn't actually exist -- the
> primary *will* have the NS records for the child zone, like it or not :)
sigh,
This is only true when
1) parent and child reside on same server AND
2) the set of slaves for both zones are identical AND
3) your using bind-8, which can not differ apex and zone-cut records AND
4) you're not using DNSSEC AND
5) you want to violate rfc1034
> Thus I would say that the answer to the original question:
>
> > Should I have NS records for a delegated zone even if the delegation
> is on
> > the same nameserver?
> > ---
> > db.mydomain.com
> > @ IN SOA ns.mydomain.com root.mydomain.com ( ... )
> > IN NS ns.mydomain.com.
> > IN NS ns1.mydomain.com.
> >
> > zone1 IN NS ns.mydomain.com. # should these lines be here
> > zone1 IN NS ns2.mydomain.com #
>
> is,
> "No. You are not *required* to enter them into the parent zone file.
> They will appear from the child zone file.
> You *must* have the NS records in the child zone file or it will not
> load.
> "
If all the specified points are met, then yes, but those were not
specified in the original question.
> This would be a good thing in the sense of defining the records in only
> on place. But, of course, puts obfuscation above readability and
> understanding :)
I agree.
Roy Arends
Nominum
More information about the bind-users
mailing list