faqts : Computers : Internet : Domain Names : djbdns

+ Search
 Add Entry AlertManage Folder Edit Entry Add page to http://del.icio.us/
Did You Find This Entry Useful?

10 of 10 people (100%) answered Yes
Recently 10 of 10 people (100%) answered Yes

Entry

How do I configure my server to accept a delegation from a superdomain's content DNS servers ?

Sep 30th, 2002 15:57
Jonathan de Boyne Pollard, 


You need to know 
   * The IP addresses of all of your content DNS servers for 
the domain.
   * What intermediate names, for your content DNS servers, the 
owners of the superdomain are using in their delegation of your 
domain to the IP addresses of your servers.
In all cases, you must use the _same_ intermediate domain names 
as are being published by the content DNS servers for the 
enclosing superdomain, to avoid triggering the BIND bug 
described in Dan Bernstein's FAQ document 
(http://cr.yp.to/djbdns/faq/tinydns.html#ns-names).  However, 
exactly how you accept the delegation depends from what naming 
scheme is in use for the intermediate names.
If the intermediate names are in the form "a.ns....", 
"b.ns....", "c.ns....", and so forth; then you can use the 
simplest method of accepting a delegation, which is to use 
"add-ns" to modify the DNS database(s) of your content DNS 
server(s):
     cd /service/tinydns/root
    ./add-ns tmcs.net 209.104.63.252
    ./add-ns tmcs.net 209.104.33.252  
    ./add-ns tmcs.net 209.104.39.252
    make
"add-ns" automatically creates and assigns intermediate names 
in the form "[a-z].ns....", assigning letters of the alphabet 
in order.  (e.g. The preceding commands will cause the 
intermediate names "a.ns.tmcs.net.", "b.ns.tmcs.net.", and 
"c.ns.tmcs.net." to be created.)  All that you need supply is 
your domain name and the IP addresses of all of the content DNS 
servers for your domain.
Because this method is so simple, it is recommended that you 
try to arrange with the owners of the superdomain to use the 
"[a-z].ns...." pattern when choosing the names for your 
domain's content DNS servers.  (If the owners of the 
superdomain are using "add-childns" to add the delegations to 
the databases of their content DNS servers, as is described in 
the section of Dan Bernstein's FAQ document on delegating 
domains to others, then they will be.)
On the other hand, the intermediate names may be in some other 
form; such as "ns1....", "ns2....", "ns3....", and so forth. 
(Try to avoid this form, if possible.  One disadvantage of it 
is that it doesn't yield the best possible compression of "NS" 
resource record sets in DNS response datagrams; because of the 
way that the idiosyncratic name compression scheme that DNS 
datagrams employ works.  This is why it is good practice to 
avoid it.  Notice, for example, that ICANN's and the ORSC's "." 
content DNS servers follow good practice and use the "a.", 
"b.", "c.", naming scheme instead.)  In which case, what you 
want will not be what "add-ns" does, and you will have to 
resort to adding '.' records to your DNS database source file 
("data") by hand:
     cd /service/tinydns/root
     echo '.yahoo.com.:66.218.71.63:ns1.yahoo.com.' >> data
     echo '.yahoo.com.:209.132.1.28:ns2.yahoo.com.' >> data
     echo '.yahoo.com.:217.12.4.104:ns3.yahoo.com.' >> data
     echo '.yahoo.com.:63.250.206.138:ns4.yahoo.com.' >> data
     echo '.yahoo.com.:64.58.77.85:ns5.yahoo.com.' >> data
     make
Do not add '+' or '=' records, for the intermediate "ns1...", 
"ns2...", and so forth domain names, _as well_.  If you really 
desire to have '=' records for the intermediate domain names, 
omit the IP address from the second field of the '.' records.  
However, it is recommended that the intermediate names not be 
the "real" names of your servers, and that therefore they not 
be the subjects of '=' records.