On 13 Nov 2015, at 12:06, Havard Eidnes wrote:
consider a nameserver ns.example.com serving example.com. There is a
delegation from com. including glue.
Now we add a childzone sub.example.com. served by the same nameserver
ns.example.com.
should I add a entry in example.com to delegate the subzone to
myself?
Generally, yes, although with the specific example, your name
server software may let you get away with not having the NS
record in the example.com zone for sub.example.com.
This will also lead to unexpected hilarity when you sign the zones,
since the lack of a zone cut will cause a validator not to establish a
chain of trust to the child zone.
As you say, best to install the delegation set in the parent zone even
if the choice of nameservers for the parent and child means it will be
obscured.
Joe
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
