[linux-elitists] a lame query

Seth David Schoen schoen@loyalty.org
Thu Aug 10 19:49:31 PDT 2000


Rick Moen writes:

> Network Solutions confused this issue, a few years ago, by insisting
> that you had to register a "host record" for any DNS server you wanted
> to be authoritative.[1]  That essentially-pointless[2] "host record"
> contained, among other things, a fully-qualified _hostname_ along with
> the server's IP address.
> 
> Unfortunately, these "host records" tend to perpetuate the notion that
> DNS servers are contacted through some means that involves resolving
> their names.  _That_ has never been true:  The identities of DNS servers
> are always and everywhere specified by IP address.
> 
> Your registrar must, indeed, be told of your two (or more) DNS servers
> that you intend to be authoritative for your domain.  However, the key
> information the registrar will use for this purpose is the machines' 
> IP addresses, not their hostnames.
> 
> If particular registrars also require additional machine information,
> such as Network Solutions with its stupid and sleazy "host records",
> that is an administrative requirement idiosyncratic to that registrar,
> not a technical one.

I think those host records are used to produce glue records in the
root zone.

:r!dig any linuxmafia.com. @a.root-servers.net.

; <<>> DiG 8.2 <<>> any linuxmafia.com. @a.root-servers.net. 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr rd; QUERY: 1, ANSWER: 3, AUTHORITY: 3, ADDITIONAL: 3
;; QUERY SECTION:
;;	linuxmafia.com, type = ANY, class = IN

;; ANSWER SECTION:
linuxmafia.com.		2D IN NS	MYRDDIN.IMAT.COM.
linuxmafia.com.		2D IN NS	NS1.VARESEARCH.COM.
linuxmafia.com.		2D IN NS	NS1.linuxmafia.com.

;; AUTHORITY SECTION:
linuxmafia.com.		2D IN NS	MYRDDIN.IMAT.COM.
linuxmafia.com.		2D IN NS	NS1.VARESEARCH.COM.
linuxmafia.com.		2D IN NS	NS1.linuxmafia.com.

;; ADDITIONAL SECTION:
MYRDDIN.IMAT.COM.	2D IN A		140.174.70.1
NS1.VARESEARCH.COM.	2D IN A		209.81.8.8
NS1.linuxmafia.com.	2D IN A		209.81.22.250

;; Total query time: 69 msec
;; FROM: zork to SERVER: a.root-servers.net.  198.41.0.4
;; WHEN: Thu Aug 10 19:44:13 2000
;; MSG SIZE  sent: 32  rcvd: 199

See the "NS1.linuxmafia.com.     2D IN A         209.81.22.250"?  The
information needed to produce that glue record presumably comes from
here:

:r!whois -h whois.networksolutions.com 'host ns1.linuxmafia.com'

[...]

[No name] (NSK1622-HST)

   Hostname: NS1.LINUXMAFIA.COM
   Address: 209.81.22.250
   System: ? running ?


   Record last updated on 12-Mar-2000.
   Database last updated on 10-Aug-2000 01:08:17 EDT.

If they did not have that host record, they would not be able to
generate the glue record.  I can prove that they get these root-zone A
records' data out-of-band, from host registrations, and not from any
zone:

:r!whois -h whois.networksolutions.com 'host ishma-hst'

[...]

[No name] (ISHMA-HST)

   Hostname: ISHMAEL.GEECS.ORG
   Address: 204.252.20.9
   System: ? running ?

   Coordinator:
      Schoen, Seth David  (SDS63)  schoen@LOYALTY.ORG
      38 Harlow Avenue
      Northampton, MA 01060
      (413)584-0259

   Record last updated on 24-Jul-2000.
   Database last updated on 10-Aug-2000 01:08:27 EDT.

So, ishmael.geecs.org hasn't been associated with the IP address
204.252.20.9 in any authoritative geecs.org zone files -- or in any
zone not controlled by NSI -- for over a year and a half.  But behold:

:r!dig a ishmael.geecs.org. @a.root-servers.net

[...]

;; ANSWER SECTION:
ishmael.geecs.org.	2D IN A		204.252.20.9

[...]

So that seems to be what they use those host records for.

-- 
Seth David Schoen <schoen@loyalty.org>  | And do not say, I will study when I
Temp.  http://www.loyalty.org/~schoen/  | have leisure; for perhaps you will
down:  http://www.loyalty.org/   (CAF)  | not have leisure.  -- Pirke Avot 2:5
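
An added example, not part of the original post: one way to audit the effect described above, by comparing the A records a parent-zone server hands out (parsed from dig output in the layout quoted in the message) with the A records the domain's own zone publishes. The sample output, names, addresses and the `ZONE_A` table are constructed for illustration.

```python
import re

# Constructed sample in the dig 8.2 layout quoted in the post: two responses
# from a parent-zone server, concatenated. All values are documentation ones.
PARENT_OUTPUT = """\
;; ANSWER SECTION:
example.org.\t\t2D IN NS\tNS1.example.org.
example.org.\t\t2D IN NS\tNS2.example.org.

;; ADDITIONAL SECTION:
NS1.example.org.\t2D IN A\t\t192.0.2.53
NS2.example.org.\t2D IN A\t\t198.51.100.53

;; ANSWER SECTION:
oldhost.example.org.\t2D IN A\t\t203.0.113.9
"""

# Constructed: A records the domain owner's own zone file publishes today.
ZONE_A = {"ns1.example.org.": {"192.0.2.53"},
          "ns2.example.org.": {"198.51.100.99"}}  # ns2 was renumbered

# owner, TTL (e.g. "2D"), class IN, type A, dotted-quad address
RR_A = re.compile(r"^(\S+)\s+\S+\s+IN\s+A\s+(\d{1,3}(?:\.\d{1,3}){3})$")

def parent_a_records(dig_text):
    """Collect every A record in dig-style output, whatever section it is in."""
    records = {}
    for line in dig_text.splitlines():
        # ';' comment lines, blank lines and NS records do not match RR_A.
        m = RR_A.match(line.strip())
        if m:
            # DNS names compare case-insensitively, so normalise the owner.
            records.setdefault(m.group(1).lower(), set()).add(m.group(2))
    return records

def audit(dig_text, zone_a):
    """Label each parent-served name by comparing it with the zone's own data."""
    findings = {}
    for name, addrs in sorted(parent_a_records(dig_text).items()):
        published = zone_a.get(name)
        if published is None:
            findings[name] = "orphaned"  # served by the parent, absent from the zone
        else:
            findings[name] = "ok" if addrs <= published else "stale"
    return findings

if __name__ == "__main__":
    for name, verdict in audit(PARENT_OUTPUT, ZONE_A).items():
        print(f"{verdict:9} {name}")
```

An "orphaned" or "stale" result means the parent is still answering from an out-of-band host registration, which has to be corrected at the registrar because editing the zone file does not change it.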



