1. delegation

DNSの基本構造(分散管理)を実現する方法が delegation (../委譲・委任)です。


DNS健全性チェッカー http://www.e-ontap.com/dns/health/

DNS/返答/delegation返答 DNS/運用/delegation

DNS/lame_delegation delegation失敗

1.1. 失敗の設計


そんなDNSをいまも使っているのがおかしいのだが、誰も止められない。-- ToshinoriMaeno 2022-04-07 00:21:47

1.2. ゾーン


7.  ゾーン

Authoritative data, Lame delegation DNS/RFC/1713

1.3. NEWS

Delegation Revalidation by DNS Resolvers https://tools.ietf.org/id/draft-ietf-dnsop-ns-revalidation-00.html



Internet Engineering Task Force                                 S. Huque
Internet-Draft                                                Salesforce
Intended status: Standards Track                                P. Vixie
Expires: March 11, 2021                                Farsight Security
                                                              R. Dolmans
                                                              NLnet Labs
                                                       September 7, 2020

2. DNS/delegation

登録: https://www.nic.ad.jp/ja/dom/registration.html



委譲をされた側は問い合わせに対して"Authoritative Answer"をすることが期待されている。

https://tools.ietf.org/html/rfc1591 Domain Name System Structure and Delegation March 1994

DNS/RFC/1912/delegation これが現在も有効かどうかは不明

DNSの健全な運用のために ~Lame Delegation編~ 2003/05/20(Tue)

delagationの説明はなくて、lame delegationの説明に終始している。/JPRS

委任: https://jprs.jp/glossary/index.php?ID=0152

委任情報: https://jprs.jp/glossary/index.php?ID=0192

DNS/delegation/リゾルバー DNS/リゾルバー/動作

2.1. なにを委任・委譲するのか


2.2. delegation response



2.3. RFC 1034

%grep -i -n delegation rfc1034.txt ~/dnsdoc/RFC

1071:internal partitions to achieve nested delegations of name space control.
1142:to agree to the delegation of control.  While there are no particular
1162:As the last installation step, the delegation NS RRs and glue RRs
1163:necessary to make the delegation effective should be added to the parent
1356:      answer section.  If there was no delegation from
1406:   - When the query is in another zone.  That is, delegation cancels
1866:         b. if the response contains a better delegation to other
1867:            servers, cache the delegation information, and go to
1966:If the response shows a delegation, the resolver should check to see
1967:that the delegation is "closer" to the answer than the servers in SLIST
1969:computed from SNAME and the NS RRs in the delegation.  If not, the reply
1970:is bogus and should be ignored.  If the delegation is valid the NS
1971:delegation RRs and any address RRs for the servers should be cached.
2085:delegation of the MIL and EDU domains, together with the glue RRs for
2669:closer delegation to ISI.EDU than its existing SLIST (since it matches

DNS/RFC/1034/4.2#A13 /親子でのNSレコードを一致させる

2.4. RFC 1035

%grep -i -n delegation rfc1035.txt

1939:consequences.  For example, suppose that the RRs defining a delegation
1951:   3. If delegations are present and glue information is required,
2440:response to delegation responses which point the resolver to name
2491:Note that whenever a delegation is followed, the resolver algorithm
2507:     smaller TTL than the NS RRs marking delegation, or when the

2.5. RFC 1912

classless delegation を含む言及がある。

   Having NS records pointing to a CNAME is bad and may conflict badly
   with current BIND servers.  In fact, current BIND implementations
   will ignore such records, possibly leading to a lame delegation.

2.8 Authority and Delegation Errors (NS records) DNS/RFC/1912/delegation

2.6. 逆引き空間

2.6.1. IP blocks less than /24


Moin2Qmail: DNS/delegation (last edited 2022-08-27 01:35:01 by ToshinoriMaeno)