Date: Sun, 21 May 2006 21:27:43 -0300 From: Duane Whitty <duane@greenmeadow.ca> To: Doug Barton <dougb@FreeBSD.org> Cc: freebsd-isp@freebsd.org Subject: Re: [OT] Domain Name Registrars Message-ID: <4471057F.8000604@greenmeadow.ca> In-Reply-To: <4470F4BE.7030702@FreeBSD.org> References: <446D157A.4070308@greenmeadow.ca> <446E6EE9.3060406@greenmeadow.ca> <44709D4E.4060901@psknet.com> <4470F4BE.7030702@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Doug Barton wrote: > Troy Settle wrote: > > >> Here's the thing for name servers (at least as far as I understand >> it)... >> > > With all due respect, the problem with postings like this is that it > actually slows down the process of people finding out the truth for > themselves by perpetuating misinformation. It's far better to either do the > research and post accurate information, or avoid posting. > > >> the glue records must exist in the root servers for each registry. >> > > A) The only "root servers" are those that serve the root zone. What you're > referring to are Top Level Domain (TLD) name servers. To clarify for myself, the root name servers are not authoritative for (most of) the TLDs. The authoritative name servers for zones represented by the TLDs are the ones to which the root name servers have delegated authority to for those zones. So there are authoritative name servers for the zones such as .ca, .gc.ca, .com etc. However I have determined, using nslookup, that for the .mil zone four of the root servers are authoritative, as one example. > B) Policies on whether > name server IP records are necessary for domain registration vary by > registry. There is no hard and fast rule. C) "Glue" is a DNS term of art > that refers specifically to IP addresses for servers whose hostnames are IN > the zone they serve. For example, if you have the following NS records: > > example.org. NS ns1.example.org. > example.org. NS ns2.example.org. > > Then glue records are _required_ in the ORG TLD name servers. Otherwise > there is no way for anyone to reach your servers. > So then what the registrars are doing (or supposed to be doing) is providing A and NS records for the name servers in my parent zone which point to my primary name servers and secondary name servers? This then is the "glue" which makes recursive queries possible. So, and pardon my verbosity, when a resolver needs to resolve dwlabs.ca, assuming it doesn't have the data cached, it queries one of ca0[1,2,4,5,6].cira.ca or ns-ext.isc.org, which then responds with the names and ip addresses of the authoritative name servers for dwlabs.ca. Am I correct? > However, for those situations where the name server hostnames are all out of > zone, it's generally better to avoid putting IP address records for those > hostnames in the parent zone (regardless of what level we're talking about > here) because it makes the administration of the zones/domains much more > difficult. > > >> If your name servers are under the .ca TLD, and you're >> registering a .com domain, then the .com registry must have the glue >> records for your .ca name servers. >> > > That's actually exactly the opposite of the truth. If the name servers for > your COM name are in CA, then the IP addresses can be resolved the normal > way (recursively). > So no glue, but an NS record as in example.com. IN NS ns1.dwlabs.ca. ? In this case the response to the resolver query from the .com authoritative name server will be that the unauthoritative answer is ns1.dwlabs.ca. Authoritative answers can be found at ca0[1,2,4,5,6].cira.ca or ns-ext.isc.org. ? Because of this they don't need A records for my domain, if I am correct. So the privilege and responsibility of being a registrar includes , in addition to selling globally unique domain names, is in getting and validating information from your clients regarding their name servers and then passing on the information to parent zone name servers so that the appropriate A records and NS records can be created and or updated (in a timely fashion). > >> As an OpenSRS reseller, >> > > eek, > > Doug > > Much thanks and respect to all for helping me start to truly understand this. Sincerely Duane Whitty -- duane@greenmeadow.ca
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4471057F.8000604>