[dns-operations] finding the longest encloser
marka at isc.org
Wed Feb 17 00:06:58 UTC 2010
In message <803155B3-7FFF-48FF-8AF1-D9FBF92F09C0 at rfc1035.com>, Jim Reid writes:
> On 16 Feb 2010, at 22:27, Crist Clark wrote:
> >> The SOA record does not contain the longest existing suffix. I think
> >> you really need to know that the root is delegation-centric, or that
> >> all delegations have a single label, combined with the SOA trick to
> >> deal with the arpa. special cases.
> > Shouldn't it always contain the longest valid zone? I mean, that's
> > what it's there for right?
> Yes and no. Once upon a time, I was co-author of a draft that
> suggested using the SOA record in an NXDOMAIN response to find the
> closest enclosing delegation. This was to be used in ENUM domain names
> with ~20 labels and could have contain a handful of delegations:
> walking up the domain name label at a time to find the deepest
> delegation point (=> "closest" default SIP/PSTN terminator) would have
> been painful.
> I was told that this was too clever by half and it wasn't acceptable
> for clients to treat SOA records in this way because they were in the
> Authority Section. Clients were supposed to only act on whatever was
> in the Answer Section.
Note res_findzonecut() has done this sort of thing for over a decade.
Make a SOA query and look at the authority section to determine the
zone cut if possible otherwise strip off a label and requery.
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the dns-operations