Grant Taylor <gtaylor=40tnetconsulting....@dmarc.ietf.org> wrote: > > What is your opinion on blindly grafting the sub-domain onto the parent zone > without proper delegation.
Asking for trouble. We used to do that in the dim and distant past but not any more because it's incompatible with DNSSEC. > As I type this I wonder about delegating to RFC 1918 address via names in an > NS record that are within delegated zone. Thus they would require glue > records. Externally I'd omit the glue records. Internally I'd have the > records within zone scope along with all the other zone data. > > I suspect that this may cause odd retry issues too. Yes. However, if you are willing to have views in the parent public zone, you might as well omit the private delegation entirely in the public version. Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ Fisher, German Bight, Humber: East 3 or 4 veering southeast 4 or 5, increasing 6 at times. Slight, becoming slight or moderate later. Thundery showers developing. Good, occasionally poor. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
