Discuss mailing list

[Quinn Wood <wood.quinn.s AT gmail.com>]

On Wed, Mar 5, 2014 at 5:30 PM, Coyo <coyo AT darkdna.net> wrote:
> But bottom line, the root zone, or "." is the implied zone at the end
> of any canonical name record, such as google.com. ?
>
That depends on resolver configuration. On Linux you can configure
dot-less records with the domain option in resolv.conf(5), otherwise
you can have your DNS server deal with it and make a decision based on
it's root zonefile.

> [snip] essentially, the root zone could include any
> records in theory, including unusual or nonstandard ones, but in
> practice, only NS records are maintained?
>
That's what I infer.

> My understanding of DNS is somewhat limited, because I haven't got a
> chance to play with nameserver software like PowerDNS, Unbound and
> BIND, and I am a "hands-on" learner, but an NS record must be
> specifically requested by a client before it's returned, correct?
>
Again, this depends on resolver configuration. The resolver is the
code on your machine that handles DNS lookups. Some software
implements its own, other software uses system calls like
gethostbyname(3). When you don't have something configured in
resolv.conf, for example, 127.0.0.1 is queried.

> If you delegate a zone, such as google.com.[root], you don't include
> an A, AAAA or CNAME. record, only the NS record. I've never been very
> clear on how, exactly, that works. When you request google.com.[root]
> from the root servers (due to misconfiguration or unusual
> circumstances that led to the lack of caching "com.", for instance),
> what happens? Which is requested first, the CNAME, A, AAAA or NS?
>
You first have to find the primary nameserver for google.com. which
involves asking com. for an NS record for google.com. You may run into
a problem in the case of that nameserver being ns1.google.com. because
that's a circular dependency. Glue records exist too which are A/AAAA
records for ns1.google.com. in the com. zone.