[dns-operations] finding the longest encloser

Mark Andrews marka at isc.org
Wed Feb 17 00:06:58 UTC 2010

In message <803155B3-7FFF-48FF-8AF1-D9FBF92F09C0 at rfc1035.com>, Jim Reid writes:
> On 16 Feb 2010, at 22:27, Crist Clark wrote:
> >> The SOA record does not contain the longest existing suffix.  I think
> >> you really need to know that the root is delegation-centric, or that
> >> all delegations have a single label, combined with the SOA trick to
> >> deal with the arpa. special cases.
> >
> > Shouldn't it always contain the longest valid zone? I mean, that's
> > what it's there for right?
> Yes and no. Once upon a time, I was co-author of a draft that  
> suggested using the SOA record in an NXDOMAIN response to find the  
> closest enclosing delegation. This was to be used in ENUM domain names  
> with ~20 labels and could have contain a handful of delegations:  
> walking up the domain name label at a time to find the deepest  
> delegation point (=> "closest" default SIP/PSTN terminator) would have  
> been painful.
> I was told that this was too clever by half and it wasn't acceptable  
> for clients to treat SOA records in this way because they were in the  
> Authority Section. Clients were supposed to only act on whatever was  
> in the Answer Section.

Note res_findzonecut() has done this sort of thing for over a decade.
Make a SOA query and look at the authority section to determine the
zone cut if possible otherwise strip off a label and requery.


> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the dns-operations mailing list