[dns-operations] Why the record locates in com. zone?

Edward Lewis Ed.Lewis at neustar.biz
Tue Sep 13 12:44:26 UTC 2011 

I just did a query and see that zq681.com is on 
different NS now - mns0[12].domaincontrol.com. 
Not looking much further myself, I'd say that the 
domain name is "in motion."  What I've learned is 
that it is very hard to figure out what's 
happening by looking at the output of dig and 
even whois.  If you want to get to the bottom of 
this, you might call the registrants and/or 
registrars involved.

Beyond that, it is possible that COM would hold 
glue records for ns1.wondns.com even if it is not 
an NS for zq681.com.  The reason is that it could 
be hosting another domain name.  Without any out 
of band knowledge, it is nearly impossible to 
discover this.  (You can get a zone transfer from 
Verisign and look.)

And finally, Mark is right, you probably should 
read up on "glue" - not just in the RFCs but in 
some other texts on DNS.  Glue is a feature of 
DNS that is misunderstood my many people, even 
those with moderate amounts of experience in the 
protocol.  It's "frustrating-ly simple."

At 16:07 +0800 9/13/11, ¡žñæêØÅFÅj wrote:
The com zone tell us that the NSes for zq681.com 
is ns[3-4].wondns.com while the NSes 
for wondns.com  is ns[1-2].wondns.com. At the 
same time, the glue for ns[1-2].wondns.com do be 
in the com zone. So I think it is not neccessary 
for the com zone to have the glue for ns[3-4], 
though the existence of the glues may be not 
wrong but be effective for lookup performance.
2011-09-13

Mingxing, Liu
CNNIC
<mailto:liumingxing at cnnic.cn>liumingxing at cnnic.cn


¢åèêlÅF Mark Andrews

¢ëó ±º”ÅF 2011-09-12  22:21:23
ùæåèêlÅF ¡žñæêØÅFÅj
è¥ëóÅF carlos; dns-operations
éÂÃ’ÅF Re: [dns-operations] Why the record locates in com. zone?
Please go read up about glue records.
RFC 1034:
One of the goals of the zone structure is that any zone have all the
data required to set up communications with the name servers for any
subzones.  That is, parent zones have all the information needed to
access servers for their children zones.  The NS RRs that name the
servers for subzones are often not enough for this task since they name
the servers, but do not give their addresses.  In particular, if the
name of the name server is itself in the subzone, we could be faced with
the situation where the NS RRs tell us that in order to learn a name
server's address, we should contact the server using the address we wish
to learn.  To fix this problem, a zone contains "glue" RRs which are not
part of the authoritative data, and are address RRs for the servers.
These RRs are only necessary if the name server's name is "below" the
cut, and are only used as part of a referral response.
and also from RFC 1034
As the last installation step, the delegation NS RRs and glue RRs
necessary to make the delegation effective should be added to the parent
zone.  The administrators of both zones should insure that the NS and
glue RRs which mark both sides of the cut are consistent and remain so.
So to answer your question, the address records need to be stored
in *both* the com and wondns.com zones and they also need to be
kept in the same.
Mark
In message <515833501.01129 at cnnic.cn> <201109122118183171998 at cnnic.cn>, "=?gb23
12?B?wfXD99DHo7qjqQ==?=" writes:
>       sorry, I did not give a explicit discription about my question. The
> question is that in my opinion the RR "ns3.wondns.com.  172800 IN A
> 113.105.171.124" should not be included in the 'com.' zone but in the
> wondns.com zone.
>       The zq681.com zone is authorized to the servers ns3.wondns.com zone
> and ns4.wondns.com. Well, at the time, one question is coming ---where
> should be the addresses of the two servers stored? Maybe in the com zone
> or maybe in the wondns.com zone. It is known that wondns.com zone is
> Authorized out to the two servers --ns1.wondns.com and ns2.wondns.com, so
> the  RR "ns3.wondns.com.  172800 IN A 113.105.171.124" should exist in
> the wondns.com zone instead of the com zone. However, I find that the RR
> exists in the com zone. I want to know whether the RR should exist in the
> com zone.
>
> 2011-09-12
>
>
>
> Mingxing
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

_______________________________________________
dns-operations mailing list
dns-operations at lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-jobs mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-jobs


-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis             
NeuStar                    You can leave a voice message at +1-571-434-5468

Vote for the word of the day:
"Papa"razzi - father that constantly takes photos of the baby
Corpureaucracy - The institution of corporate "red tape"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20110913/f7bced34/attachment.html>

More information about the dns-operations mailing list