Re: 4 part domain names

From: Peter Risdon (peter_at_circlesquared.com)
Date: 11/24/04

    Date: Wed, 24 Nov 2004 14:48:56 +0000
    To: Jonathon McKitrick <jcm@FreeBSD-uk.eu.org>
    
    

    Jonathon McKitrick wrote:
    > : Every unique combination of subdomain.domain.tld could point to an
    > : arbitrary other URL or IP.
    > : For example
    > : us.510.mail.example.com = example.com
    > : de.510.mail.example.com = europe.mail.example.com
    >
    > I guess my question is this...
    >
    > if 'us' is the name of the node (machine) and 'example.com' is the
    > registered domain name, what do the '510' and 'mail' parts uniquely
    > identify? Why not just 'us.example.com'?

    I'm not an expert (IANAE should perhaps be a new acronym...), but here's
    how I understand it. The domain name system is completely open-ended and
    hierarchical. I tend to use djbdns for DNS servers, but found the bind
    concept of zones (and therefore zone files) very helpful.

    The top level is . and this is managed by the top level name servers,
    which have to be hard-wired into any name server. These name servers
    delegate responsibility for the next level down to other name servers,
    so .com. (the trailing dot is left out for most purposes, but not all -
    see your hosts file as generated by sysinstall) is managed by a number
    of servers, .uk. by others, and so on. These name servers delegate
    authority for zones within their zones to yet more name servers. This is
    where we come in with .com. domains, but not .uk. where there is another
    layer of delegation before we ordinary mortals start managing delegated
    zones.

    If you have registered example.com then authority for the whole zone of
    the internet, or the domain name system, below example.com. is delegated
    to you. You normally run name servers which publish information about
    hosts within this zone, but this is not the only thing you can do. You
    can also delegate authority for zones within this zone. Thus, there is a
    private company in the UK that delegates authority for zones below
    .uk.com. and thereby operates as a sort of private domain name registry.

    So you could delegate authority to stated nameservers for a zone such as
    mailservers.example.com and host information (A records) could be
    published by them for hosts such as smtp.mailservers.example.com. Of
    course, some of these could be aliases, and point to other hosts, but
    they don't have to be.

    And so it goes on; there's no limit to the possible delegation of zones
    beyond common sense and convenience. The fact that we normally manage
    second level domains is a function of normal practice, it isn't
    intrinsic to the system and it isn't the case in the UK where we
    normally manage third level domains.

    A DNS lookup for smtp.mailservers.example.com. would run as follows:

    1. Look up in the static table of root name servers at least one value
    for a nameserver that is authoritative for .
    2. Ask the . nameserver who is authoritative for .com.
    3. Ask the .com. nameserver who is authoritative for example.com.
    4. Ask the example.com. nameserver who is authoritative for
    mailservers.example.com.
    5. Ask the mailservers.example.com. nameserver for the ip address of the
    host smtp.mailservers.example.com.

    The following article explains how to delegate sub domains to name
    servers using bind. I can't find an equivalent for djbdns and suspect
    there might be a limitation in that software:

    http://www.zytrax.com/books/dns/ch9/delegate.html

    Corrections welcome...

    Peter.

    -- 
    the circle squared
    network systems and software
    http://www.circlesquared.com
    _______________________________________________
    freebsd-questions@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-questions
    To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
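
The lookup walk described in the message above, as an added example that is not part of the original post: a Python simulation over constructed zone data (the server names and the 192.0.2.x addresses are made up for illustration). It shows that a referral happens only where a zone is actually delegated, so a four-label name does not imply four name servers, and that an alias restarts the walk for its target.

```python
# Constructed zone data: each "server" is authoritative for one zone and holds
# delegations (ns) to child zones plus the records (rr) it publishes itself.
SERVERS = {
    "root-ns": {"zone": ".", "ns": {"com.": "com-ns"}, "rr": {}},
    "com-ns": {"zone": "com.", "ns": {"example.com.": "example-ns"}, "rr": {}},
    "example-ns": {
        "zone": "example.com.",
        "ns": {"mailservers.example.com.": "mailservers-ns"},
        # No zone cut at "mail" or "510.mail": those labels are just part of
        # names published inside the example.com zone.
        "rr": {"us.510.mail.example.com.": ("A", "192.0.2.10"),
               "europe.mail.example.com.": ("A", "192.0.2.20"),
               "de.510.mail.example.com.": ("CNAME", "europe.mail.example.com.")},
    },
    "mailservers-ns": {
        "zone": "mailservers.example.com.",
        "ns": {},
        "rr": {"smtp.mailservers.example.com.": ("A", "192.0.2.25")},
    },
}

def in_zone(name, zone):
    """True if the fully qualified name lies at or below the zone apex."""
    return zone == "." or name == zone or name.endswith("." + zone)

def resolve(name, max_steps=16):
    """Walk delegations from the root. Returns (address or None, steps)."""
    name = name.lower().rstrip(".") + "."
    server, path = "root-ns", []
    for _ in range(max_steps):
        data = SERVERS[server]
        # A delegation covering the name means this server only refers us on.
        cuts = [z for z in data["ns"] if in_zone(name, z)]
        if cuts:
            child = max(cuts, key=len)          # deepest matching zone cut
            path.append((server, "referral " + child))
            server = data["ns"][child]
            continue
        rtype, value = data["rr"].get(name, ("NXDOMAIN", None))
        path.append((server, rtype))
        if rtype == "CNAME":
            # Alias: start again from the root for the target name.
            name, server = value, "root-ns"
            continue
        return value, path
    raise RuntimeError("too many referrals or an alias loop")
```

`resolve("smtp.mailservers.example.com")` passes through four servers, while `resolve("us.510.mail.example.com")` is answered by the example.com server after only three.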
    
