Re: [OT] Domain Name Registrars

Doug Barton wrote:
Troy Settle wrote:

Here's the thing for name servers (at least as far as I understand
it)...

With all due respect, the problem with postings like this is that it
actually slows down the process of people finding out the truth for
themselves by perpetuating misinformation. It's far better to either do the
research and post accurate information, or avoid posting.

the glue records must exist in the root servers for each registry.

A) The only "root servers" are those that serve the root zone. What you're
referring to are Top Level Domain (TLD) name servers.
To clarify for myself, the root name servers are not authoritative for (most of) the TLDs.
The authoritative name servers for zones represented by the TLDs are the ones to which the root
name servers have delegated authority to for those zones. So there are authoritative name
servers for the zones such as .ca, .gc.ca, .com etc. However I have determined, using nslookup,
that for the .mil zone four of the root servers are authoritative, as one example.
B) Policies on whether
name server IP records are necessary for domain registration vary by
registry. There is no hard and fast rule. C) "Glue" is a DNS term of art
that refers specifically to IP addresses for servers whose hostnames are IN
the zone they serve. For example, if you have the following NS records:

example.org. NS ns1.example.org.
example.org. NS ns2.example.org.

Then glue records are _required_ in the ORG TLD name servers. Otherwise
there is no way for anyone to reach your servers.
So then what the registrars are doing (or supposed to be doing) is providing A and NS records
for the name servers in my parent zone which point to my primary name servers and
secondary name servers? This then is the "glue" which makes recursive queries possible.

So, and pardon my verbosity, when a resolver needs to resolve dwlabs.ca, assuming it doesn't
have the data cached, it queries one of ca0[1,2,4,5,6].cira.ca or ns-ext.isc.org, which then
responds with the names and ip addresses of the authoritative name servers for dwlabs.ca.
Am I correct?
However, for those situations where the name server hostnames are all out of
zone, it's generally better to avoid putting IP address records for those
hostnames in the parent zone (regardless of what level we're talking about
here) because it makes the administration of the zones/domains much more
difficult.
If your name servers are under the .ca TLD, and you're
registering a .com domain, then the .com registry must have the glue
records for your .ca name servers.

That's actually exactly the opposite of the truth. If the name servers for
your COM name are in CA, then the IP addresses can be resolved the normal
way (recursively).
So no glue, but an NS record as in
example.com. IN NS ns1.dwlabs.ca. ?

In this case the response to the resolver query from the .com authoritative name server
will be that the unauthoritative answer is ns1.dwlabs.ca. Authoritative answers can be
found at ca0[1,2,4,5,6].cira.ca or ns-ext.isc.org. ? Because of this they don't need A records
for my domain, if I am correct.

So the privilege and responsibility of being a registrar includes , in addition to selling globally
unique domain names, is in getting and validating information from your clients regarding their
name servers and then passing on the information to parent zone name servers so that the
appropriate A records and NS records can be created and or updated (in a timely fashion).
As an OpenSRS reseller,

eek,

Doug

Much thanks and respect to all for helping me start to truly understand this.

Sincerely

Duane Whitty
--
duane@xxxxxxxxxxxxxx
_______________________________________________
freebsd-isp@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@xxxxxxxxxxx"

Relevant Pages

  • Re: ad and dns setup
    ... MCSE, MVP Directory Services ... _msdcs, forward zone, reverse lookup zone. ... To fully rebuild DNS: ... changes immediately to all servers, this helps to speedup the process. ...
    (microsoft.public.windows.server.active_directory)
  • Re: [OT] Domain Name Registrars
    ... The only "root servers" are those that serve the root zone. ... authority to for those zones. ...
    (freebsd-isp)
  • Re: ad and dns setup
    ... If they have correct IP, yes, if not you need to change the NS under zone ... MCSE, MVP Directory Services ... To fully rebuild DNS: ... changes immediately to all servers, this helps to speedup the process. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Cannot create STUB zone
    ... functional level, the more new features are engaged ... ... DNS servers generally store a number of zones (zone = DNS database used ... most non-MS DNS servers only support 1 writable copy of a particular ...
    (microsoft.public.windows.server.dns)
  • Re: Replication issues
    ... I wanted to say Zone Transfers not Zone Forwarding. ... on 2 servers out of 4 DNS servers. ... DNS and 2003 DNS and how to set up Conditional Forwarding. ...
    (microsoft.public.windows.server.active_directory)