[dns-operations] Why the record locates in com. zone?
Ed.Lewis at neustar.biz
Tue Sep 13 12:44:26 UTC 2011
I just did a query and see that zq681.com is on
different NS now - mns0.domaincontrol.com.
Not looking much further myself, I'd say that the
domain name is "in motion." What I've learned is
that it is very hard to figure out what's
happening by looking at the output of dig and
even whois. If you want to get to the bottom of
this, you might call the registrants and/or
Beyond that, it is possible that COM would hold
glue records for ns1.wondns.com even if it is not
an NS for zq681.com. The reason is that it could
be hosting another domain name. Without any out
of band knowledge, it is nearly impossible to
discover this. (You can get a zone transfer from
Verisign and look.)
And finally, Mark is right, you probably should
read up on "glue" - not just in the RFCs but in
some other texts on DNS. Glue is a feature of
DNS that is misunderstood my many people, even
those with moderate amounts of experience in the
protocol. It's "frustrating-ly simple."
At 16:07 +0800 9/13/11, ¡ñæêØÅFÅj wrote:
The com zone tell us that the NSes for zq681.com
is ns[3-4].wondns.com while the NSes
for wondns.com is ns[1-2].wondns.com. At the
same time, the glue for ns[1-2].wondns.com do be
in the com zone. So I think it is not neccessary
for the com zone to have the glue for ns[3-4],
though the existence of the glues may be not
wrong but be effective for lookup performance.
<mailto:liumingxing at cnnic.cn>liumingxing at cnnic.cn
¢åèêlÅF Mark Andrews
¢ëó ±ºÅF 2011-09-12 22:21:23
è¥ëóÅF carlos; dns-operations
éÂÃÅF Re: [dns-operations] Why the record locates in com. zone?
Please go read up about glue records.
One of the goals of the zone structure is that any zone have all the
data required to set up communications with the name servers for any
subzones. That is, parent zones have all the information needed to
access servers for their children zones. The NS RRs that name the
servers for subzones are often not enough for this task since they name
the servers, but do not give their addresses. In particular, if the
name of the name server is itself in the subzone, we could be faced with
the situation where the NS RRs tell us that in order to learn a name
server's address, we should contact the server using the address we wish
to learn. To fix this problem, a zone contains "glue" RRs which are not
part of the authoritative data, and are address RRs for the servers.
These RRs are only necessary if the name server's name is "below" the
cut, and are only used as part of a referral response.
and also from RFC 1034
As the last installation step, the delegation NS RRs and glue RRs
necessary to make the delegation effective should be added to the parent
zone. The administrators of both zones should insure that the NS and
glue RRs which mark both sides of the cut are consistent and remain so.
So to answer your question, the address records need to be stored
in *both* the com and wondns.com zones and they also need to be
kept in the same.
In message <515833501.01129 at cnnic.cn> <201109122118183171998 at cnnic.cn>, "=?gb23
> sorry, I did not give a explicit discription about my question. The
> question is that in my opinion the RR "ns3.wondns.com. 172800 IN A
> 126.96.36.199" should not be included in the 'com.' zone but in the
> wondns.com zone.
> The zq681.com zone is authorized to the servers ns3.wondns.com zone
> and ns4.wondns.com. Well, at the time, one question is coming ---where
> should be the addresses of the two servers stored? Maybe in the com zone
> or maybe in the wondns.com zone. It is known that wondns.com zone is
> Authorized out to the two servers --ns1.wondns.com and ns2.wondns.com, so
> the RR "ns3.wondns.com. 172800 IN A 188.8.131.52" should exist in
> the wondns.com zone instead of the com zone. However, I find that the RR
> exists in the com zone. I want to know whether the RR should exist in the
> com zone.
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
dns-operations mailing list
dns-operations at lists.dns-oarc.net
dns-jobs mailing list
NeuStar You can leave a voice message at +1-571-434-5468
Vote for the word of the day:
"Papa"razzi - father that constantly takes photos of the baby
Corpureaucracy - The institution of corporate "red tape"
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dns-operations