Re: [dnsext] Short introduction to zone cuts?

Doug Barton <dougb@dougbarton.us> Sun, 18 March 2012 01:36 UTC


On 03/17/2012 06:31, Ray Bellis wrote:
> 
> On 16 Mar 2012, at 23:36, Mark Andrews wrote:
> 
> >> RFC 1034 says all you need to say for zone operators about NS records.
> 
> IMHO, there's more to it than that.
> 
> For example, if you have this in a parent zone:
> 
> 1.1.1.1.5.5.5.3.0.2.1.e164.arpa. IN NS ns1.example.com
> 
> and this in the child zone:
> 
> $ORIGIN 5.5.5.3.0.2.1.e164.arpa.
> @          SOA ...
> @          NS ns1.example.com
> 0.0.0.0    NAPTR ...
> 1.0.0.0    NAPTR ...
> 
> it currently works - the parent zone points to the right server, but the parent and child disagree on where the zone cut is.

I'm not sure what you mean by "works" here. If you mean that anyone
using ns1.example.com directly will see those records, then yes, it
works -- for those users. But assuming that ns1.example.com is not
included in the NS set of the parent zone, no one else will see the 2
NAPTR records you listed above. So in that sense it doesn't work ... at
least, it doesn't work the way that the administrator of ns1.example.com
wants it to.


Doug

-- 
    If you're never wrong, you're not trying hard enough
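
Added example (not part of the original message or of any DNS software): a small Python check for the parent/child zone-cut disagreement shown in the quoted records. The function names are hypothetical, the owner names are taken from the quoted zone data, and the elided record data ("...") is left out.

```python
# Added example: compares the name a parent delegates with the apex the
# child zone actually uses, and lists which child owner names fall inside
# the delegated subtree. Input below is constructed from the quoted records.

def labels(name):
    """Split a domain name into lowercase labels, root-most label first."""
    stripped = name.rstrip(".").lower()
    return tuple(reversed(stripped.split("."))) if stripped else ()

def is_at_or_below(name, ancestor):
    """True if `name` equals `ancestor` or is a descendant of it."""
    n, a = labels(name), labels(ancestor)
    return n[:len(a)] == a

def absolute(owner, origin):
    """Expand a zone-file owner ('@', relative or absolute) against $ORIGIN."""
    if owner == "@":
        return origin
    return owner if owner.endswith(".") else owner + "." + origin

def check_zone_cut(delegation_owner, child_origin, child_owners):
    """Return (cut_matches, covered, uncovered).

    cut_matches: the parent's delegation point equals the child's apex.
    covered:     child names at or below the delegation point.
    uncovered:   child names outside the subtree the parent delegated.
    """
    names = sorted({absolute(o, child_origin) for o in child_owners})
    covered = [n for n in names if is_at_or_below(n, delegation_owner)]
    uncovered = [n for n in names if not is_at_or_below(n, delegation_owner)]
    cut_matches = labels(delegation_owner) == labels(child_origin)
    return cut_matches, covered, uncovered

# Owner names from the quoted parent NS record and child zone.
PARENT_DELEGATION = "1.1.1.1.5.5.5.3.0.2.1.e164.arpa."
CHILD_ORIGIN = "5.5.5.3.0.2.1.e164.arpa."
CHILD_OWNERS = ["@", "0.0.0.0", "1.0.0.0"]

if __name__ == "__main__":
    ok, covered, uncovered = check_zone_cut(
        PARENT_DELEGATION, CHILD_ORIGIN, CHILD_OWNERS)
    print("parent and child agree on the zone cut:", ok)
    if is_at_or_below(PARENT_DELEGATION, CHILD_ORIGIN) and not ok:
        print("child apex sits above the name the parent delegated")
    for name in uncovered:
        print("outside the delegated subtree:", name)
```

For the quoted records the check reports a mismatch: the child's apex is an ancestor of the delegated name, and none of the child's owner names fall inside the delegated subtree.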