[dns-operations] Reporting glue as authoritive data -- Bug!
Mark_Andrews at isc.org
Fri Feb 1 01:22:03 UTC 2008
> At 4:58 +0000 1/31/08, Paul Vixie wrote:
> >plenty of delegation-only domains including TLD's are served by all-BIND9,
> >and so would already have hit this problem if it were still a problem.
> I don't agree with that logic.
> From my perspective there are two cases in which I have seen hybrids.
> I've described them before, now I'll call them the ARPA one and the
> Ultra one.
> The ARPA one I know full well, it was a unique case of ARPA-NET-COM
> interrelations. Other TLDs might have a few cases of this double
> side step, but it ARPA is rife with it. Because this hits NET and
> COM, Verisign's ATLAS is pretty well justified in using hybrids. And
> it might be that is it the only place they are needed. My point
> being, it might be that this is a problem unique to what COM and NET
> see - or more accurately - have seen (in the past).
The extra lookup would be a problem for ARPA regardless of
which tld the server is in as it as almost no delegations
are to servers in ARPA. This adds a extra level of indirection
that is not found in other TLDs.
COM/NET introduces extra problems because they can support
delegations that require glue outside of the individual
TLD (COM or NET).
Other TLDs don't support such delegations, the most they
support is delegations that require sibling glue. Attempts
to setup delegations that require external glue fail.
Changing COM and NET's glue acceptance policy to only publish
glue for nameservers which are within the the relevent zone
would bring them into line with all other TLDs.
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the dns-operations