[dns-operations] All NSs for a TLD being in the TLD itself

Randy Bush randy at psg.com
Fri Oct 25 13:45:54 UTC 2013

> xn--ngbc5azd.		172800	IN	NS	a.nic.xn--ngbc5azd.
> xn--ngbc5azd.		172800	IN	NS	b.nic.xn--ngbc5azd.
> xn--ngbc5azd.		172800	IN	NS	c.nic.xn--ngbc5azd.
> xn--ngbc5azd.		172800	IN	NS	d.nic.xn--ngbc5azd.
> a.nic.xn--ngbc5azd.	172800	IN	A
> a.nic.xn--ngbc5azd.	172800	IN	AAAA	2001:dcd:1:0:0:0:0:3
> b.nic.xn--ngbc5azd.	172800	IN	A
> b.nic.xn--ngbc5azd.	172800	IN	AAAA	2001:dcd:2:0:0:0:0:3
> c.nic.xn--ngbc5azd.	172800	IN	A
> c.nic.xn--ngbc5azd.	172800	IN	AAAA	2001:dcd:3:0:0:0:0:3
> d.nic.xn--ngbc5azd.	172800	IN	A
> d.nic.xn--ngbc5azd.	172800	IN	AAAA	2001:dcd:4:0:0:0:0:3
> This works, of course, but it feels a bit fragile for me. Is there a
> history of this being unsafe? Of being more safe than NSs whose names
> are in other TLDs?

what do you think is fragile?  the in-baliwick glue?  why?

the ip address clumping would worry me if i thought they were not


More information about the dns-operations mailing list