Delegating /24's from a /19
Edward Lewis
Ed.Lewis at neustar.biz
Wed Mar 16 21:56:13 UTC 2005
At 13:48 -0800 3/16/05, David Raistrick wrote:
>On Wed, 16 Mar 2005, Edward Lewis wrote:
>
>
>> aside) to uphold. In the global DNS, no matter where you ask
>> question, you should get the same answer.
>
>Really?
Yes.
>
>> dig @ns1.arin.net 124.16.172.in-addr.arpa. IN NS
>>
>> and
>>
>> dig @ns1.foobar.com 124.16.172.in-addr.apra. IN NS
>>
>> had better return the same NS RRSet.
>
>An example modeled after the above using real servers:
>
>dig 48.173.209.in-addr.arpa ns @a.root-servers.net
>
>;; AUTHORITY SECTION:
>209.in-addr.arpa. 1D IN NS chia.ARIN.NET.
>209.in-addr.arpa. 1D IN NS dill.ARIN.NET.
>209.in-addr.arpa. 1D IN NS BASIL.ARIN.NET.
>209.in-addr.arpa. 1D IN NS henna.ARIN.NET.
>209.in-addr.arpa. 1D IN NS indigo.ARIN.NET.
>209.in-addr.arpa. 1D IN NS epazote.ARIN.NET.
>209.in-addr.arpa. 1D IN NS figwort.ARIN.NET.
>
>
>dig 48.173.209.in-addr.arpa ns @chia.ARIN.NET
>
>;; AUTHORITY SECTION:
>48.173.209.in-addr.arpa. 1D IN NS oak.neustar.com.
>48.173.209.in-addr.arpa. 1D IN NS pine.neustar.com.
>48.173.209.in-addr.arpa. 1D IN NS willow.neustar.com.
>48.173.209.in-addr.arpa. 1D IN NS cypress.neustar.com.
And that is correct. Both are referring you to another zone. The
set of servers in the first belong to 209/8, the latter to
209.173.48/8.
What is not apparent is that neither query is resulting in an answer.
Instead, the reply is a "go ask someone else" referral. It's like
Joe says "ask Bob" and Bob says "ask Charlie."
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis +1-571-434-5468
NeuStar
Achieving total enlightenment has taught me that ignorance is bliss.
More information about the NANOG
mailing list