[dns-operations] All NSs for a TLD being in the TLD itself
Jaap Akkerhuis
jaap at NLnetLabs.nl
Tue Oct 29 10:18:30 UTC 2013
On 29 Oct 2013, at 09:24, Calvin Browne <calvin at orange-tree.alt.za> wrote:
> I'm going to point out that .se went down because of a problem
right at this point relativly recently.
IIRC, that problem had nothing to do with whether the TLD's NS
RRset was in the zone or not. Something went wrong with zone
file generation and that RRset got corrupted somehow. [When the
authoritative NS RRset gets mangled, it doesn't matter if the
targets of those NS records are inside or outside the zone.]
Things still worked (sort of). The delegation info at the root
was unchanged and valid. Resolvers got referrals to the
authoritative .se name servers even though those servers might
not have had NS records in the .se zone itself.
If I remember correctly, the whole mess was augmented by all these
resolvers which thought that SE had a delegation only policy. When
the name servers became in balliwick ...
jaap
More information about the dns-operations
mailing list