MNAME not a listed NS record

Barry Margolin barmar at alum.mit.edu
Thu Jan 17 02:47:54 UTC 2013


In article <mailman.1085.1358384707.11945.bind-users at lists.isc.org>,
 Chuck Swiger <cswiger at mac.com> wrote:

> On Jan 16, 2013, at 4:30 PM, Barry Margolin wrote:
> [ ... ]
> >>>> On Jan 16, 2013, at 12:40 PM, Dave Warren wrote:
> >>>>> Is there anything technically wrong with having a SOA MNAME field that 
> >>>>> isn't listed as a NS record?
> >>>> 
> >>>> Sure.  The SOA MNAME is expected to be the "primary master" nameserver
> >>>> for the zone; it's where things like dhcpd and such send dynamic updates
> >>>> for the zone to.
> >>> 
> >>> But that doesn't mean it should be the server for resolver queries.
> >> 
> >> True, but I don't see much utility from a nameserver which can be
> >> dynamically updated but not queried.
> > 
> > Who says you're using dynamic update? The MNAME field has been part of 
> > the DNS standard since long before DHCP and dynamic update.  In many 
> > instances it's just an FYI field.
> 
> Nothing says one is using dynamic updates; if you aren't, then sure, the
> MNAME field is quite a bit less important than if you are.

You seemed to be assuming that they are, and that the MNAME field is 
important.

> 
> [ ... ]
> >> Sure.  In which case, why publish an internal-only machine into the public
> >> DNS via your SOA record?  Someone else made mention of a "stealth master",
> >> but my definition of that is an internal machine which is not visible in
> >> any publicly published records.
> > 
> > You have to put something in the MNAME. You could lie and put one of the 
> > public nameservers, but why do that when you could put the true master?
> 
> Are you asking why someone would not publish an internal-only hostname?
> 
> Maybe it's using RFC-1918 addresses and only reachable on one's LAN?

No, I'm asking why you would put one of the external nameservers in the 
MNAME field, even if it's not really the master, just to avoid the 
warning that the MNAME isn't one of the NS.

But the rest of your answers seem to be just saying that there's no 
point in having a hidden master in the first place.

-- 
Barry Margolin
Arlington, MA
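
Added example, not part of the original thread: a Python check for the two conditions debated above, whether the SOA MNAME is one of the zone's apex NS records (the source of the warning) and whether the zone publishes an RFC 1918 address for that MNAME. The zone text, host names and addresses are constructed, and the reader is a simplified one that assumes every record carries an explicit owner, TTL and class.

```python
import ipaddress
import re

# Constructed sample zone: names and addresses are made up for illustration.
ZONE = """\
$ORIGIN example.com.
@      3600 IN SOA hidden hostmaster.example.com. (
                   2013011601 ; serial
                   7200 3600 1209600 3600 )
@      3600 IN NS  ns1.example.com.
@      3600 IN NS  ns2
ns1    3600 IN A   192.0.2.53
ns2    3600 IN A   198.51.100.53
hidden 3600 IN A   10.1.2.3
"""
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def fqdn(name, origin):
    """Expand a master-file name against $ORIGIN and lower-case it."""
    if name == "@":
        return origin
    full = name if name.endswith(".") else name + "." + origin.lstrip(".")
    return full.lower()

def parse(zone_text):
    """Simplified reader: every record has explicit owner, TTL and class."""
    text = re.sub(r";[^\n]*", "", zone_text)               # strip comments
    text = re.sub(r"\(([^)]*)\)",                          # join ( ... ) groups
                  lambda m: m.group(1).replace("\n", " "), text)
    origin, records = ".", []
    for fields in (line.split() for line in text.splitlines()):
        if fields[:1] == ["$ORIGIN"]:
            origin = fields[1].lower()
        elif len(fields) >= 5:
            owner = fqdn(fields[0], origin)
            records.append((owner, fields[3].upper(), fields[4:], origin))
    return records

def check_mname(zone_text):
    """Report whether the SOA MNAME is an apex NS and what addresses it exposes."""
    recs = parse(zone_text)
    apex, _, rdata, origin = next(r for r in recs if r[1] == "SOA")
    mname = fqdn(rdata[0], origin)
    ns = {fqdn(r[2][0], r[3]) for r in recs if r[1] == "NS" and r[0] == apex}
    addrs = [ipaddress.ip_address(r[2][0]) for r in recs
             if r[1] in ("A", "AAAA") and r[0] == mname]
    return {"mname": mname,
            "listed_as_ns": mname in ns,
            "rfc1918": [str(a) for a in addrs if any(a in n for n in RFC1918)]}
```

On the sample zone, `check_mname(ZONE)` reports a hidden master: the MNAME is absent from the NS set, and the zone also publishes a 10.0.0.0/8 address for it.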


