Discuss mailing list

[Coyo <coyo AT darkdna.net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Thank you for that clarification. That was very helpful!

But bottom line, the root zone, or "." is the implied zone at the end
of any canonical name record, such as google.com. ?

The implied "." at the end of the TLD refers to the root nameservers
run by the likes of VeriSign. I understand that OpenNIC has an
interesting kludge for including both ICANN TLDs and OpenNIC TLDs on
the same servers, but essentially, the root zone could include any
records in theory, including unusual or nonstandard ones, but in
practice, only NS records are maintained?

My understanding of DNS is somewhat limited, because I haven't got a
chance to play with nameserver software like PowerDNS, Unbound and
BIND, and I am a "hands-on" learner, but an NS record must be
specifically requested by a client before it's returned, correct?

If you delegate a zone, such as google.com.[root], you don't include
an A, AAAA or CNAME. record, only the NS record. I've never been very
clear on how, exactly, that works. When you request google.com.[root]
from the root servers (due to misconfiguration or unusual
circumstances that led to the lack of caching "com.", for instance),
what happens? Which is requested first, the CNAME, A, AAAA or NS?

Thank you in advance! ^_^

On 3/5/2014 5:12 PM, Quinn Wood wrote:
> On Wed, Mar 5, 2014 at 2:46 PM, Coyo <coyo AT darkdna.net> wrote:
>> In addition, I wanted to clarify something. A TLD's set of
>> nameservers are configured in an identical fashion to second and
>> third level domains, correct? Basically, instead of pointing to a
>> TLD, you point to the OpenNIC root?
>> 
> Zones: . |-- com |   `-- google `-- net
> 
> Zone contents are called records: . |-- com |   |-- google NS
> a.gtld-servers.net. |   `-- google |       |-- ns1.google A
> 216.239.32.10 |       `-- mail.google CNAME googlemail.l.google `--
> net `-- google NS ns1.google.com
> 
> It may be confusing since we use the term "domain" all the time,
> but really there are zones and records. A top level domain is a
> zone directly under the root, and a record is in a zone. That
> record can be- for example-  a A (IPv4 address), AAAA (IPv6
> address), CNAME (canonical name, i.e. refer to the DNS record
> listed and use its result.) Those three record types identify a
> host, but there are other "domain names" which do not, like DNSKEY
> and LOC, which are used for other information.
> 
> In OpenNIC, most nameservers that run top level zones hold not only
> NS records for delegating zones (so someone other than Verisign can
> run the google.com. zone), but also hold other types of records as
> well. In ICANN space this isn't as common, if it's done at all.
> That's because at a higher scale, it makes more sense to run
> different nameservers to handle the backbone than the ones that
> customers of GoDaddy and Namecheap use for their sites. However,
> these nameservers run the same softwares and the same configuration
> styles. It's just human policy to only include NS records in the
> root.
> 
> 
> 
> 
> 
> -------- You are a member of the OpenNIC Discuss list. You may
> unsubscribe by emailing
> discuss-unsubscribe AT lists.opennicproject.org
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJTF7OJAAoJEDEXTUGm1DyU2RQH/ioYDIFYi5yS/rtbh9u3NfYG
3MeDe619+6xzTQyF82Yy7B5t1LC5T5/Njx6JwHFxsauxfwZY5b2JA7ipktAxEhco
hWxA8t9cRfN+LVPweCrhR1qSrQNiGgOHKSa8ea03JbVN2VXmn1eaO9cUXs6ybxXS
qoNX6zELZ7XlIPco7Kj9VO8FfaGekUmpFeCApJe2nairxMwzEdKM1VFWYbbTqhRy
nSRHiws8C68HpNDFnCTtugdvkOY4KTMYL46v1ANdU/BRzpS+loSHPa06GamP+Nwf
VTHx3pilydo83Gwq0V+sY8wIfJKCYBZoGzEymjXVlmV2PkjXb7+iwFvj1+CuSOI=
=IVIX
-----END PGP SIGNATURE-----