Yves Goergen wrote: > what is it good for to add NS records to a domain in an authoritative > nameserver? I mean when somebody has already come here, they already > know what nameserver to ask for the domain. Why would the nameserver > reply with "I am the one to ask for that domain" if it can only say > that when being asked directly? Wouldn't that kind of information > belong to the domain registries for TLDs?
It's defined that way. The namespace is divided into zones, and each zone has authoritative and non-authoritative data. If you have the parent zone "bar.example." and the zone "foo.bar.example.", then NS records with the owner name "foo.bar.example." belong by definition both to the non-authoritative data of the zone "bar.example." and to the authoritative data of the zone "foo.bar.example.". If you come at it from a classical DNS point of view, then this is overly specific. Other than for consistency, the entries are unnecessary in the child zone. Precise definitions of zone membership are important for DNSsec, though. They decide who signs a record using which key. In my opinion, once signed delegations come into play, it makes sense to define NS records exactly that way. _______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users