1

What happens if the NS records in a zone don't agree with the root nameserver delegation for that same zone? In other words, if a registrar knows that the authoritative nameservers for example.com are server-1 and server-2, and this information is populated to the root nameservers.

But server-1 and server-2 contain zonefiles which list a different pair of servers (server-a.example.com and server-b.example.com) as the NS records, along with the appropriate A records, should this work?

As I understand it this is not a valid configuration, but I have seen it work, and don't understand why resolvers are following the NS records, instead of the root nameserver delegation.

Which zonefile is actually in use, is it the zonefile on server-a/b or server-1/2?

J. Doe
  • 11
  • 2
  • A point of clarification: The root name servers don't know anything about your name servers. The root name servers are authoritative for the root zone (which is .). The gTLD name servers know about your name servers. The gTLD name servers are authoritative for their respective gTLD zones (.com, .net, etc.). Your registrar updates the gTLD name servers, not the root name servers. – joeqwerty Nov 30 '15 at 18:51
  • good point, the . root servers are: X.root-servers.net. and the GTLD servers are: X.gtld-servers.net. For better or worse, I tend to think of anything above the TLD all as "root servers" at least in spirit. – J. Doe Dec 02 '15 at 23:32

1 Answers1

0

The first zone to answer the RR-Type requested is used.

For example, if server-1 has an A record for www.example.com, it will respond with the A Record in it's local zone, if it does not, it will defer you to the NS or CNAME record for that answer.

The same is true for GLUE records,

the .com. servers must have A Records for server-1.example.com. in order to reliably query server-1.example.com. for example.com's zone, the same applies if you defer the zone to server-a.example.com, server-1.example.com. should have the A Records for server-a/b.

Yes it is possible, but be consistent.

Many times you'll find extra nameservers in the zone file, so server-1, server-2, server-a,server-b. server-a and server-b will likely never be used as long as server-1 and server-2 included the RR types requested.

Jacob Evans
  • 7,636
  • 3
  • 25
  • 55