[nsd-users] Records below delegation point
K Storbeck
kai at xs4all.net
Fri Mar 27 12:53:26 UTC 2009
On 10 Mar , 2009, at 9:55 AM, Stephane Bortzmeyer wrote:
> On Mon, Mar 09, 2009 at 06:19:07PM +0100,
> Anand Buddhdev <anandb at ripe.net> wrote
> a message of 38 lines which said:
>
>> My understanding is that an authoritative name server should not
>> know about records below a delegation point, so BIND's behaviour
>> seems okay.
>
> Indeed. IMHO, it is a bug in NSD. It should not have loaded the zone
> or at least ignored the below-the-cut records.
>
I'm unsure if this should be considered a bug.
It could be perfectly ok for foo.example and bar.example to delegate
sub.child back to your original "ns1" and "ns2", or directly to
some.more and yet.more. ns1 and ns2 are in that case supply a by-pass
directly to some.more and yet.more.
It saves most resolvers an extra hop they needn't to bother about.
Perhaps an interesting feature? It depends a bit on how one looks at
the ownership of the tree as a whole.
For reference:
>> $ORIGIN zone.tld.
>> @ IN SOA ns1 rname 20090309 1d 1h 4w 1h
>> IN NS ns1
>> IN NS ns2
>> ;
>> child IN NS foo.example.
>> IN NS bar.example.
>> ;
>> sub.child IN NS some.more
>> IN NS yet.more
Regards,
Kai Storbeck
More information about the nsd-users
mailing list