[email protected] <[email protected]> wrote: > One of my real hosts is below xen.prgmr.com, like the fake 'zap' above, > so I would have to email prgmr.com support to get them to add > > mynew.org. IN NS zap.xen.prgmr.com. > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ << Is this valid? > > to the xen.prgmr.com zone.
There's a bit of confusion here, but this is a legitimately confusing part of the DNS because there are multiple layers of indirection and two kinds of indirection... The first kind there are the delegation records in the parent zone, and the authoritative records at the apex of the child zone. The other kind, zones have name servers, and name servers have addresses. For example, my zone is dotat.at. It has the name servers dotat.at. 3600 IN NS ns1.gratisdns.dk. dotat.at. 3600 IN NS ns3.gratisdns.dk. dotat.at. 3600 IN NS grey.dotat.at. dotat.at. 3600 IN NS puck.nether.net. For a correct delegation, these NS records have to appear in the parent zone (which I configure through my registrar) and at the apex of my zone (on my master server, alongside the SOA etc.). The second level of indirection is from name server names to addresses. These are just normal hostname address records, so they appear in the authoritative zones indicted by their names. (You seemed to be confused about where NS records live. I hope this clarified it for you!) (To make GratisDNS and Puck authoritative for my zone, I used their user interfaces to ask them to act as secondaries, telling them what my master server IP addresses are. No changes to their DNS records, just their server configutation which isn't visible from the outside.) But, there's also glue. Glue is a special case for name server hostnames which are in the child zone - in my example this applies to grey.dotat.at. These hostnames need address records in the delegation to avoid a circular dependency. $ dig +noall +additional grey.dotat.at @d.ns.at grey.dotat.at. 10800 IN A 131.111.57.57 grey.dotat.at. 10800 IN AAAA 2001:630:212:110::d:7a7 You configure your glue records through your registrar alongside your delegation NS records. Usually you get to specify a list of nameserver names, each with optional addresses - you only need to specify the addresses when the hostname is in the child zone. Basically what you are doing with this registrar user interface is providing a COPY of data from the delegated zone: the apex NS records, and any addresses of nameservers whose hostnames are inside the delegated zone. Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ - I xn--zr8h punycode Fisher: Northwesterly 5 to 7, occasionally gale 8 in east. Moderate or rough. Showers. Good. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
