IETF Logo Mail Archive

Re: Should a nameserver know about itself?

Peter Koch <pk@TechFak.Uni-Bielefeld.DE> Thu, 10 May 2001 10:33 UTC

Received: from nic.cafax.se ([192.71.228.17]) by ietf.org (8.9.1a/8.9.1a) with SMTP id GAA22229 for <dnsop-archive@odin.ietf.org>; Thu, 10 May 2001 06:33:48 -0400 (EDT)
Received: by nic.cafax.se (8.12.0.Beta5/8.12.0.Beta5) id f4AABkxd006793 for dnsop-outgoing; Thu, 10 May 2001 12:11:46 +0200 (MEST)
Received: from gemma.TechFak.Uni-Bielefeld.DE (gemma.TechFak.Uni-Bielefeld.DE [129.70.136.103]) by nic.cafax.se (8.12.0.Beta7/8.12.0.Beta5) with ESMTP id f4AABiLt006788 for <dnsop@cafax.se>; Thu, 10 May 2001 12:11:45 +0200 (MEST)
Received: from grimsvotn.TechFak.Uni-Bielefeld.DE (grimsvotn.TechFak.Uni-Bielefeld.DE [129.70.137.40]) by gemma.TechFak.Uni-Bielefeld.DE (8.9.1/8.9.1/TechFak/pk+ro20000427) with SMTP id LAA26962; Thu, 10 May 2001 11:07:23 +0200 (MET DST)
Received: from localhost by grimsvotn.TechFak.Uni-Bielefeld.DE (SMI-8.6/pk19971205) id LAA22614; Thu, 10 May 2001 11:07:22 +0200
Message-Id: <200105100907.LAA22614@grimsvotn.TechFak.Uni-Bielefeld.DE>
To: Jim Reid <Jim.Reid@nominum.com>
Cc: dnsop@cafax.se
Subject: Re: Should a nameserver know about itself?
In-reply-to: Your message of "Thu, 10 May 2001 00:55:54 PDT." <30735.989481354@shell.nominum.com>
X-Organization: Uni Bielefeld, Technische Fakultaet
X-Phone: +49 521 106 2902
Date: Thu, 10 May 2001 11:07:22 +0200
From: Peter Koch <pk@TechFak.Uni-Bielefeld.DE>
Sender: owner-dnsop@cafax.se
Precedence: bulk

> Yes, but there is one notorious DNS implementation that doesn't do
> that. It fails to return any answer -- not even a referral for . -- if
> it's asked for a name that it isn't authoritative for.

That may even be helpful for the victim of a lame delegation, but anyway,
let's not go down this particular path. On the other hand, can we compile
a document (e.g. BCP) with technical/operational delegation prerequisites?
I remember that back in DNSIND times there were plans heading that direction.

The set of (non controversial) mandatory features to test may be small, but
still it might be helpful to have a "blessed" set of - optional - test
patterns.

Years ago, when I worked for a - then small - registry, we checked the
general nameserver setup before doing the delegation (correct 127.0.0.1
reverse mapping, root hints, forwarding etc.) in addition to a "sane"
zone configuration (NS and MX RRs, SOA timer, RNAME ...). At that time
pretty much everybody used "a" nameserver as server and resolver/forwarder,
so the checks were reasonable. Nowadays, even if you ignore the anti-registry-
djihad fraction, tests would have to accept a far broader range of setups.

-Peter

v2.23.0 | Report a Bug | By Email