"Stealth" implies something that isn't seen in the normal course of activity,
so it's really the *wrong* word to use here, since the apex NS records are seen
during normal iterative resolution, and in fact the apex NS records take
precedence over the delegated NS records in the sense of RFC 2181 data-ranking.
So, to call them "stealth" seems mistaken, and misleading.
A better term than "stealth NS" would be "mismatched NS". From an
integrity-check perspective, IMO the mismatch condition should be flagged as
questionable if the apex NS records are a superset of the delegated ones, and
worrisome if completely disjoint.
- Kevin
-----Original Message-----
From: bind-users <[email protected]> On Behalf Of Matus UHLAR -
fantomas
Sent: Friday, March 30, 2018 4:27 AM
To: [email protected]
Subject: Re: Stealth NS records
On 30.03.18 15:44, PANG J. wrote:
>I saw a zone check on intodns.com shows,
>
>Stealth NS records were sent:
>ns2.xxx.com
>ns1.xxx.com
>
>So what's a stealth NS record?
http://massivedns.com/blog/dns-report-tutorials/what-are-stealth-ns-records/
maybe I could explain more deeply if you have sent the domain.
--
Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux IS user friendly, it's just selective who its friends are...
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/bind-users
