Interesting DNS problem.
I've just been hired to fix problems at a small ISP. One of their customers has listed several nameservers with a single IP. I didn't know this was possible. I thought there was a 1 to 1 relationship with nameserver names/addresses. I'm trying to figure out if this is or will be a problem. Any input would be greatly appreciated. Bob Martin Connected to whois.internic.net. Escape character is '^]'. nameserver 63.151.3.248 Whois Server Version 1.3 Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information. NS3.ELPASOTRUCK.NET NS2.ANGELOFREIGHTLINER.NET NS2.ELPASOTRUCK.NET NS2.WACOFREIGHTLINER.NET NS2.TEMPLEFREIGHTLINER.NET NS2.LONESTARFL.COM NS2.FARMINGTONFREIGHTLINER.NET NS3.FARMINGTONFREIGHTLINER.NET NS2.ELPASOSELECT.NET NS2.BRYANFREIGHTLINER.NET NS2.WFFREIGHTLINER.NET NS3.ABILENEFREIGHTLINER.NET NS3.ABQFREIGHTLINER.NET DOWNTOWN.INU.NET
On Thu, 16 Dec 2004, Bob Martin wrote:
I didn't know this was possible. I thought there was a 1 to 1 relationship with nameserver names/addresses. I'm trying to figure out if this is or will be a problem.
Paul Vixie can probably better address this than myself, but I will mention that with my experience with running backupdns.com, the main problems you run into from an operational standpoint are: 1) When you need to change IP addresses for the nameserver you now have to coordinate the change on a hundred different entries instead of just one. If you use a single name, you just change that entry. 2) Depending on the exact situation, the nameserver may or may not know that it is authoritative for the domains since it may or may not realize that a given nameserver name is itself. Especially if there are resolution issues with the name in question at load time. Again, Paul Vixie may be able to better respond to this one. At backupdns.com, we tell people it's permitted to use their own name for our secondary server (if they ask) - but ask that they list the official name for our nameserver in the NS records for the zone to make sure we answer authoritatively. That said, we do try to discourage this because we see it as potentially causing more harm than good. -forrest BackupDNS.com
On Thu, 16 Dec 2004, Bob Martin wrote:
I've just been hired to fix problems at a small ISP. One of their customers has listed several nameservers with a single IP. I didn't know this was possible. I thought there was a 1 to 1 relationship with nameserver names/addresses. I'm trying to figure out if this is or will be a problem.
Had been possible for about 3 years, maybe more. And remember before you could have the same as well if nameserver with same ip was registered in multiple TLDs, but it was a problem when Verisign still had .COM zone run on the root name server so that is the reason why it was not officially aloowed, but it should not be a problem any more. The only thing to worry about is that if you have multiple nameserver on the same ip, when you renumber then you have to remember to change each one of those nameservers separately and with too many of them its going to be a pain in the --). BTW - that is nothing, how about multiple ips registered in whois and TLD zone for the same nameserver? (and not to mention fun you might have if you ever need to renumber and want to change just one of those ips - those registrar & registry techs might have interesting time trying to figure out how to do it with EPP or even worth with RRP... -- William Leibzon Elan Networks william@elan.net
a related problem is having N ip addrs bound to M nics on a host, where N > M. if an ssl connection fails and debug is needed between the M:N:host and some other ssl-speaking box, then it makes a difference if the ssl connection is associated with the primary, or some aliased (set N-1) ip addr. client failure semantics are primary address specific, for some value of ssl clients. in theory you could alias an ns box's ip addrs (just did that, renumbering), and have multi-addrs on a server authoritative for multi-zones, and not have a flag day. have fun, jobs are scarce as hen's teeth.
participants (4)
-
Bob Martin -
Eric Brunner-Williams in Portland Maine -
Forrest W. Christian -
william(at)elan.net