> My understanding of delegation is that the resolver goes out to it's > configured nameserver. That nameserver returns the NS records for the > delegated namespace, then the resolver goes to the delegated server to > ask the next question. Am I incorrect in that?
It works that way, sometimes. If recursion is enabled on your server, it will query the other servers in the NS records on behalf of the resolver and return what it finds. If recursion is off, it will just return the NS records and the resolver is expected to follow them (and some really dumb resolvers might not be able to do that). If your first server can't talk to the other (delegated zone's) NS's (say because of a firewall issue) you can get something that matches what you seem to be getting. John ------------------------------------------------------------------------------- John Hascall, j...@iastate.edu Team Lead, NIADS (Network Infrastructure, Authentication & Directory Services) IT Services, The Iowa State University of Science and Technology _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
