Stephen Malone writes: > I'm looking to understand how recursive resolvers handle DNS domain > re-delegations at the same level. For example:
Badly. Sideways delegations are, strictly speaking, undefined behaviour. Typically resolvers declare that the original delegation is lame and will not be able to resolve the domain. However, your example also does not actually perform a sideways delegation: > =Parent zone: contoso.com= > @ IN SOA ns1.contoso.com. hostmaster.contoso.com. (... > Subzone IN NS ns1.IntermediateNS.com. > > =Intermediate zone: Subzone.constoso.com [on] ns1.IntermediateNS.com.= > > @ IN SOA ns1.IntermediateNS.com. hostmaster.contoso.com. (... > @ IN NS ns1.RedelegatedNS.com. When ns1.IntermediateNS.com gets queried, it will (should) respond authoritatively with the data from this latter zone. NS records at the apex don't cause a delegation. Thus, presuming the administrator had left the rest of the zone empty under the impression that RedelegatedNS.com was going to be handling things, any names within the zone would all get NXDOMAINs. _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
