Sub Domains DNS

This is the scenario I would like to create.

My client have their own domains, controlled by their own DNS server.
I want to control a subdomain for them, such as annex.clientdomain.com.
I believe that the clientdomain.com can point to my DNS server for
delegation of annex.clientdomain.com.

>From an SOA record (bind config file) how is this done?
Can I have the record point to a named DNS server rather then an IP?

Thank you

Julian

"Bodger" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) oups.com...

>>From an SOA record (bind config file) how is this done?

> Can I have the record point to a named DNS server rather then an IP?

Absolutely not. Think about it. Someone is trying to convert a name to
an IP address, but you give them a name. In order to continue, they have to
be able to convert a name to an IP address. But that's what they were trying
to do in the first place.

DS

David Schwartz wrote:
> "Bodger" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed) oups.com...
>
>
>>>From an SOA record (bind config file) how is this done?
>
>
>>Can I have the record point to a named DNS server rather then an IP?
>
>
> Absolutely not. Think about it. Someone is trying to convert a name to
> an IP address, but you give them a name. In order to continue, they have to
> be able to convert a name to an IP address. But that's what they were trying
> to do in the first place.
>
> DS
>
>
I don't see why not, as long as the name you use for the nameserver is
not in the subdomain. Have an A record for your name server (like
ns4.domain A 123.123.123.123) in their hosts file, and an SOA record
containing just subdomain - NS ns4.domain. Alternatively your nameserver
could have an alias in some other domain (say xyz.net).
Needs clients that do recursive resolving, but almost anything does
nowadays.

J

>I don't see why not, as long as the name you use for the nameserver is

>not in the subdomain. Have an A record for your name server (like
>ns4.domain A 123.123.123.123) in their hosts file, and an SOA record
>containing just subdomain - NS ns4.domain.

Great! .... well, that means you have to have access to their hosts
file and a SOA record. Hmm. Any more alternatives?


--
Raqueeb Hassan
Bangladesh

On 11 Apr 2005 03:01:52 -0700, Raqueeb Hassan <(E-Mail Removed)> wrote:
>>I don't see why not, as long as the name you use for the nameserver is
>
>>not in the subdomain. Have an A record for your name server (like
>>ns4.domain A 123.123.123.123) in their hosts file, and an SOA record
>>containing just subdomain - NS ns4.domain.
>
> Great! .... well, that means you have to have access to their hosts
> file and a SOA record. Hmm. Any more alternatives?

Well you certainly have to have cooperation of the authorative nameserver
for a domain in order for you to do DNS for a subdomain. Otherwise people
could just hijack subdomains.

"Jack Masters" <(E-Mail Removed)> wrote in message
news:MuidnYHaAN9XjMffRVn-(E-Mail Removed)...

> David Schwartz wrote:

>> "Bodger" <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed) oups.com...

>>>>From an SOA record (bind config file) how is this done?

>>>Can I have the record point to a named DNS server rather then an IP?

>> Absolutely not. Think about it. Someone is trying to convert a name
>> to an IP address, but you give them a name. In order to continue, they
>> have to be able to convert a name to an IP address. But that's what they
>> were trying to do in the first place.

> I don't see why not, as long as the name you use for the nameserver is not
> in the subdomain. Have an A record for your name server (like ns4.domain A
> 123.123.123.123) in their hosts file, and an SOA record containing just
> subdomain - NS ns4.domain. Alternatively your nameserver could have an
> alias in some other domain (say xyz.net).
> Needs clients that do recursive resolving, but almost anything does
> nowadays.

There are just too many cases where this breaks down. Ensuring the
nameserver is not in the subdomain is not nearly sufficient to ensure this
doesn't become pathological.

DS

David Schwartz wrote:
> "Jack Masters" <(E-Mail Removed)> wrote in message
> news:MuidnYHaAN9XjMffRVn-(E-Mail Removed)...
>
>
>>David Schwartz wrote:
>
>
>>>"Bodger" <(E-Mail Removed)> wrote in message
>>>news:(E-Mail Removed) egroups.com...
>
>
>>>>>From an SOA record (bind config file) how is this done?
>
>
>>>>Can I have the record point to a named DNS server rather then an IP?
>
>
>>> Absolutely not. Think about it. Someone is trying to convert a name
>>>to an IP address, but you give them a name. In order to continue, they
>>>have to be able to convert a name to an IP address. But that's what they
>>>were trying to do in the first place.
>
>
>>I don't see why not, as long as the name you use for the nameserver is not
>>in the subdomain. Have an A record for your name server (like ns4.domain A
>>123.123.123.123) in their hosts file, and an SOA record containing just
>>subdomain - NS ns4.domain. Alternatively your nameserver could have an
>>alias in some other domain (say xyz.net).
>>Needs clients that do recursive resolving, but almost anything does
>>nowadays.
>
>
> There are just too many cases where this breaks down. Ensuring the
> nameserver is not in the subdomain is not nearly sufficient to ensure this
> doesn't become pathological.
>
> DS

Agreed, there can be complications if you want to do further fancy
stuff, but it can definitely be done (or I wouldn't get any e-mail.
Maybe not such a bad plan, 80% is spam).
I was merely commenting on the logic that to resolve the nameserver's
hostname one has to know the nameserver's IP address, which is only the
case if the nameserver is in the subdomain. If giving out a hostname (in
some other domain) for a delegated server is a good thing or not is more
a question of policy, depends on how much control the domain owner wants
to have over what happens in his subdomain.

J.