conflicting subdomain delegation
Lyle Giese
lyle at lcrcomputer.net
Tue Nov 13 17:17:41 UTC 2018
On 11/13/2018 11:04 AM, Frank Liu wrote:
> Hi,
>
> Is there a RFC determining which nameserver to use if there is a
> conflicting subdomain delegation?
>
> eg:
> In the zone of a.com <http://a.com>, there are two NS delegations:
>
> b.a.com <http://b.a.com> NS host1
> c.b.a.com <http://c.b.a.com> NS host2
>
> On host1 in zone b.a.com <http://b.a.com>, there is
> c.b.a.com <http://c.b.a.com> NS host3
>
> As you can see, there is a conflicting delegation for c.b.a.com
> <http://c.b.a.com>. If I look a name d.c.b.a.com <http://d.c.b.a.com>,
> will the nameserver host2 or host3 be used?
> dig +trace seems to go to host2, but bind9 as a resolver goes to host3.
> (the test was done on a centos7).
>
> Any ideas?
> Thanks!
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
I would expect that behavior if the Bind9 resolver was setup to query
host1. If bind9 queries a server that is authoritive for b.a.com, I
would expect that result. If the bind9 resolver is setup to query a
recursive only server(other than host1), I would expect the same
behavior as the +trace result.
so I think the answer is dependant on how your bind9 resolver is configured.
Lyle Giese
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20181113/c4635074/attachment.html>
More information about the bind-users
mailing list