separation of authoritative and recursive functions on internal networks
Grant Taylor
gtaylor at tnetconsulting.net
Tue Feb 16 01:37:53 UTC 2016
On 02/07/2016 04:12 PM, Reindl Harald wrote:
> Warn SOA MNAME entry WARNING: SOA MNAME
> (tncsrv06.tnetconsulting.net) is not listed as a primary nameserver at
> your parent nameserver!
I know that this is a late reply, but I just ran across something that
relates to this:
Per section 6.8 of "DNS Delegation Requirements" (Internet-Draft)
(http://www.ietf.org/id/draft-wallstrom-dnsop-dns-delegation-requirements-00.txt)
states the following:
> 6.8. SOA MNAME MUST be authoritative for the zone
Check.
> The hostname of the MNAME field may or *may not be listed among
> the delegated name servers*, but SHOULD still be authoritative
> for the zone. MNAME may be used for other services, e.g., DNS
> NOTIFY [RFC1996] and DNS Dynamic Updates [RFC2136].
So, per current Internet-Draft for delegation, the SOA MNAME is not
required to be listed as a NS.
> It should be noted that there are no formal requirement that the
> name server listed in the SOA MNAME is reachable from the public
> Internet. Because of this, it may be difficult to implement a
> reasonable test for this requirement.
--
Grant. . . .
unix || die
More information about the bind-users
mailing list