At 13:48 -0800 3/16/05, David Raistrick wrote:
On Wed, 16 Mar 2005, Edward Lewis wrote:
aside) to uphold. In the global DNS, no matter where you ask question, you should get the same answer.
Really?
Yes.
dig @ns1.arin.net 124.16.172.in-addr.arpa. IN NS
and
dig @ns1.foobar.com 124.16.172.in-addr.apra. IN NS
had better return the same NS RRSet.
An example modeled after the above using real servers:
dig 48.173.209.in-addr.arpa ns @a.root-servers.net
;; AUTHORITY SECTION: 209.in-addr.arpa. 1D IN NS chia.ARIN.NET. 209.in-addr.arpa. 1D IN NS dill.ARIN.NET. 209.in-addr.arpa. 1D IN NS BASIL.ARIN.NET. 209.in-addr.arpa. 1D IN NS henna.ARIN.NET. 209.in-addr.arpa. 1D IN NS indigo.ARIN.NET. 209.in-addr.arpa. 1D IN NS epazote.ARIN.NET. 209.in-addr.arpa. 1D IN NS figwort.ARIN.NET.
dig 48.173.209.in-addr.arpa ns @chia.ARIN.NET
;; AUTHORITY SECTION: 48.173.209.in-addr.arpa. 1D IN NS oak.neustar.com. 48.173.209.in-addr.arpa. 1D IN NS pine.neustar.com. 48.173.209.in-addr.arpa. 1D IN NS willow.neustar.com. 48.173.209.in-addr.arpa. 1D IN NS cypress.neustar.com.
And that is correct. Both are referring you to another zone. The set of servers in the first belong to 209/8, the latter to 209.173.48/8. What is not apparent is that neither query is resulting in an answer. Instead, the reply is a "go ask someone else" referral. It's like Joe says "ask Bob" and Bob says "ask Charlie." -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis +1-571-434-5468 NeuStar Achieving total enlightenment has taught me that ignorance is bliss.
At 16:56 -0500 3/16/05, Edward Lewis wrote:
servers in the first belong to 209/8, the latter to 209.173.48/8.
Whoops - the last is /24. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis +1-571-434-5468 NeuStar Achieving total enlightenment has taught me that ignorance is bliss.
participants (1)
-
Edward Lewis