[dns-operations] Zone cut on _tcp.example.ca

Tony Finch dot at dotat.at
Tue Feb 9 15:52:04 UTC 2016

David C Lawrence <tale at akamai.com> wrote:
> Jacques Latour writes:
> > One of our d-zone (secondary dns service) customers wants to a zone that
> > looks like this:  _tcp.example.ca
> Yep, it's fine.  Doesn't violate the LDH rules as long as their
> aren't any address records associated with that name or its
> descendants.


We have a number of delegations so support special SRV records. We don't
use views (instead we have a private subdomain) but our phone system has
awkward requirements which effectively depend on views. Fortunately these
awkward requirements are confined to SRV records so we have delegated some
small subdomains to the phone system's own DNS servers.

During the testing phase we delegated _tcp.phone.cam.ac.uk but we got rid
of that delegation after full deployment.

We now have zone cuts at _sips._tcp.cam.ac.uk and a number of similar
names, so the SRV record(s) are at the apex of the delegated zone. This
might be surprising but in fact it is perfectly fine.

We did this so that other services could have their own SRV records under
_tcp.cam.ac.uk without getting muddled up with the phone system's awkward

f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/
West Forties, Cromarty, Forth, Tyne, Dogger: Westerly veering northwesterly 5
to 7, occasionally 4 at first, perhaps gale 8 for a time later. Moderate or
rough. Rain or showers. Good, occasionally moderate.

More information about the dns-operations mailing list