[78700] in North American Network Operators' Group
Re: Delegating /24's from a /19
daemon@ATHENA.MIT.EDU (Edward Lewis)
Thu Mar 17 08:09:27 2005
In-Reply-To: <2147483647.1111017254@[172.17.1.152]>
Date: Thu, 17 Mar 2005 07:59:28 -0500
To: Owen DeLong <owen@delong.com>
From: Edward Lewis <Ed.Lewis@neustar.biz>
Cc: Edward Lewis <Ed.Lewis@neustar.biz>,
Mark Andrews <Mark_Andrews@isc.org>, nanog@merit.edu
Errors-To: owner-nanog@merit.edu
At 23:54 -0800 3/16/05, Owen DeLong wrote:
>Ed's comments:
>If that were true, then, there would be no such thing as recursive resolvers
>and all clients would have to have recursive libraries. If I ask a recursive
>resolver for a foreign A record, I usually get an A record in response.
>If I ask a non-recursive server, I usually get NS records in response.
I was going to respond with a really long tutorial on reading DNS
responses, but I figure this is not the forum. In short, yes, the
responses are as you say, but to really understand this you have to
dig deeper into the protocol details to see the difference between a
referral and an answer.
>Perhaps, but, as long as the referrals consistently point to an
>end and not a loop, in general, it seems to work.
In the IPv4 reverse space, you only have the following zones...
root, arpa, in-addr.arpa, /8, maybe the /16, and /24
In operations, four or five referral possibilities, tops. DNAME and
CNAME kind of change this, but they aren't "referrals" in the DNS
dictionary, they rewrite the query.
In theory, DNS referrals only loop if there is a break in the
protocol. DNS is a tree, which means "there's only one path between
any two points." If you turn the tree into a bush, you've broken it.
>> 1) Send a reassign-detailed or reallocate template (in ARIN lingo) for
>> the space to the RIR. Then the next set of DNS zone files generated will
>> delegate to the customer's name servers.
>>
>Obviously, in most circumstances, I'd agree that this is preferred.
If that's the case, I don't know why this thread is being continued.
I responded under the presumption you were about to propose some
other way to do this. From your earlier message you mentioned
"sideways delegations" and "this is what is proposed." Before
"proposing" a change to DNS, the details of the protocol have to be
clearly understood.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis +1-571-434-5468
NeuStar
Achieving total enlightenment has taught me that ignorance is bliss.
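
Added example, not part of the original message or of any project's code: a minimal wire-format check for the referral/answer distinction discussed above, run over two constructed responses for a reverse lookup. The query name, the name server and host names, and the helpers `build` and `classify` are assumptions made for illustration.

```python
import struct

TYPE_NS, TYPE_PTR = 2, 12
QR, AA = 0x8000, 0x0400  # header flag bits: response, authoritative answer

def encode_name(name):
    """Encode a domain name as uncompressed wire-format labels."""
    labels = [l for l in name.split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build(qname, flags, answers=(), authority=()):
    """Build a constructed response to a PTR query (sample data only)."""
    def rr(owner, rtype, target):
        rdata = encode_name(target)
        return encode_name(owner) + struct.pack("!HHIH", rtype, 1, 3600, len(rdata)) + rdata
    header = struct.pack("!6H", 0x1234, flags, 1, len(answers), len(authority), 0)
    question = encode_name(qname) + struct.pack("!HH", TYPE_PTR, 1)
    return header + question + b"".join(rr(*r) for r in list(answers) + list(authority))

def skip_name(msg, off):
    """Return the offset just past the name starting at off."""
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:  # compression pointer: two bytes, ends the name
            return off + 2
        if n == 0:            # root label ends the name
            return off + 1
        off += 1 + n

def classify(msg):
    """Return 'answer', 'referral' or 'negative' for a DNS response."""
    _id, flags, qd, an, ns, _ar = struct.unpack("!6H", msg[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    types = []
    for _ in range(an + ns):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10 + rdlen
        types.append(rtype)
    if an:
        return "answer"
    # Referral: NOERROR, empty answer section, AA clear, NS records in authority.
    if (flags & 0x000F) == 0 and not (flags & AA) and TYPE_NS in types[an:]:
        return "referral"
    return "negative"

# Constructed samples: a parent-zone referral and the delegated zone's answer.
QNAME = "5.2.0.192.in-addr.arpa"
REFERRAL = build(QNAME, QR, authority=[("2.0.192.in-addr.arpa", TYPE_NS, "ns1.customer.example")])
ANSWER = build(QNAME, QR | AA, answers=[(QNAME, TYPE_PTR, "host.customer.example")])
```
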