And this concludes DNS101. Thanks all for attending, and see you next semester in intro to bind.
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Adam Selene
Sent: Thursday, September 18, 2003 9:54 AM
To: [EMAIL PROTECTED]; discuss
Subject: Re: Verisign to Make Money from Typos

> That isn't correct!!!!! DNS regards EVERYTHING between the http:/ and the
> first invalid character as the DNS name. If your dns entry doesn't match,
> it doesn't count at all. Verisign still has control!

Uh, *no* it does not. A DNS query for host.domain.com goes like this:

1) Your DNS resolver's stub queries the DNS servers set in your TCPIP settings for HOST.DOMAIN.COM (after checking your hosts file).

2) That DNS server checks its cache for HOST.DOMAIN.COM. and returns a non-authoritative answer if found. If not...

3) That DNS server checks its cache for COM. If not found it queries [.] for "COM.", and gets a list of name servers for .COM. (root servers ("dot") are configured in the DNS server's static cache file).

4) Queries {a-m}.gtld-servers.net (the list retrieved in Step 3) for a list of name servers for DOMAIN.COM, which retrieves the glue records for that domain (the registered name servers).

5) Queries *those* name servers for HOST.DOMAIN.COM, which retrieves the information from *your* DNS server's zone files, and is returned to the client.

Even if {a-m}.gtld-servers.net were sent the FQDN (i.e. the host name) -- which it is *not* AFAIK -- those servers would then have to do a recursive query to your name servers to see that the host doesn't exist: an infeasibly high-load task to do at the gTLD root servers.

Adam
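
The lookup sequence in the message above, as an added example that is not part of the original thread: a small Python model of the delegation walk that records which server produced the final reply. The zone data, server labels, addresses and the TLD-level wildcard entry (standing in for the typo redirection named in the subject line) are all constructed assumptions.

```python
# Constructed zone data: every server label and address here is made up.
SERVERS = {
    "root": {"delegations": {"com.": "gtld"}, "records": {}},
    "gtld": {"delegations": {"domain.com.": "ns.domain.com"}, "records": {},
             "wildcard": "192.0.2.99"},  # assumed TLD-level wildcard
    "ns.domain.com": {"delegations": {},
                      "records": {"host.domain.com.": "192.0.2.10"}},
}

def ask(server, qname):
    """One server's reply, built only from the zone data it holds itself."""
    zone = SERVERS[server]
    if qname in zone["records"]:
        return ("ANSWER", zone["records"][qname])
    # A delegated suffix produces a referral; the server does not look further.
    cuts = [d for d in zone["delegations"]
            if qname == d or qname.endswith("." + d)]
    if cuts:
        return ("REFERRAL", zone["delegations"][max(cuts, key=len)])
    # Only names that are neither present nor delegated reach the wildcard.
    if "wildcard" in zone:
        return ("ANSWER", zone["wildcard"])
    return ("NXDOMAIN", None)

def resolve(qname, cache=None):
    """Follow referrals from the root; return (rcode, data, servers asked)."""
    cache = {} if cache is None else cache
    if qname in cache:                  # step 2: cached, non-authoritative
        return ("ANSWER", cache[qname], ["cache"])
    server, path = "root", []
    while True:
        path.append(server)
        rcode, data = ask(server, qname)
        if rcode == "REFERRAL":         # steps 3-4: move down one level
            server = data
            continue
        if rcode == "ANSWER":           # step 5 (simplified: answers only)
            cache[qname] = data
        return (rcode, data, path)

if __name__ == "__main__":
    for name in ("host.domain.com.", "nohost.domain.com.", "typo-domain.com."):
        print(name, resolve(name))
```

In this model a missing host under a delegated domain gets its NXDOMAIN from that domain's own name server, while the wildcard answer appears only for a name that has no delegation at the TLD.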
