Are horizontal referrals in DNS allowed?

Question

I've been looking into DNS quite a bit lately and currently got the following error message with the DIG command:

BAD (HORIZONTAL) REFERRAL

From my understanding, this is caused due to delegating a name lookup without traversing down the "DNS tree". Different to a vertical referral, which delegates down the "DNS tree", a horizontal referral delegates names like the following:

(Made-up example answer from the nameserver of the zone "google.com")

;; QUESTION SECTION:
;123.google.com. IN A

;; AUTHORITY SECTION:
a.123.google.com. 7200 IN NS ns1.321.google.com.
a.123.google.com. 7200 IN NS ns2.321.google.com.
a.123.google.com. 7200 IN NS ns3.321.google.com.

When you ask one of the above specified nameservers, the following answer is returned:

;; QUESTION SECTION:
;123.google.com. IN A

;; AUTHORITY SECTION:
a.123.google.com. 7200 IN NS ns4.321.google.com.
a.123.google.com. 7200 IN NS ns5.321.google.com.
a.123.google.com. 7200 IN NS ns6.321.google.com.

This goes on and on without coming closer to the nameserver that can actually answer the request for "a.123.google.com".

Back to my question:

Are horizontal referrals generally not allowed or is only this specific case a BAD horizontal referral?

Answer 1

Horizontal referrals are always bad, since they don't get you any closer to your specific query:

Let's use the example www.bar.com.

Skipping the root and TLD, we get the name servers for bar.com. Asking these we then get a referral to foo.com

This is in respect useless, since it didn't get us any closer to www.bar.com.

A common cause for this is to have a delegation in place for a subdomain, while still having other records in the parent zone.

For example:

foo.bar.com. is delegated somewhere, but bar.com. still contains a MX record for foo.bar.com

See the following ServerFault thread for more information:

BIND/DNS - dig +trace = Bad Referral and Bad Horizontal Referral