+ Reply to Thread
Results 1 to 6 of 6
  1. !30
    !30 is offline
    Senior Member
    Join Date
    Jul 2006
    Location
    Lost Heaven , Romania
    Posts
    365

    Certifications
    CCNA (+ Net Academy),MCP (70-290 ,70-270,70-291,70-271) | next : 70-272 ( MCDST )
    #1

    Default DNS root zone ..

    Hello to all ,

    I have a small problem.I understand that you can configure a "zone" , for FQDN translation on a DNS server , and also a "root zone".Root zone is defined as "." .DNS server's have a list of "root hits" default that point to external "root zones" on external ( Internet ) domains..I think I got it wrong ? But I can configure also internal "root zone" , not querying among the Internet for "root zones" my quesring become's publical .. if I'm using ony a itnernal network with none register's DNS names.

    My point is what are this "root server" which maintain "root zones" , and thier like www.google . com , that dote no ?

    When a query from the DNS server come's to a Internet ( external ) , root zone ( DNS ) , how does that server know ? where to go , recursive ?..

    I think you got my doubt..else I'll explain it again..
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Nov 2005
    Posts
    302

    Certifications
    CCNA,MCP, MCSA, MCSA:Security, MCSA:Messaging, MCSE, MCSE: Security, CompTIA Security+, network+ and linux+
    #2
    Remember that once a root zone exists, the server cannot perform recursion or forwarding or use the root hints...

    Root hints are used for resolving unknown domains: you setup your DNS server and perform a query on it for google.com. The sever won't find it locally, so it can do two things: one use a forward server. two, use root hints.

    The root zone implies that no other server can answer the query... so there is no point in using root hints, forwards or whatever.
    Reply With Quote Quote  

  4. Member
    Join Date
    Jun 2006
    Location
    Princeton NJ
    Posts
    37

    Certifications
    MCP SMS 2.0, 70-290, 70-291
    #3
    When you add a "." zone to DNS server A, it acts as it is the root of the internet, which of course it is not. However, because server A acts as if is the root of the internet, queries will go no further than server A.

    Keep in mind that even though you are not required to add the trailing "." in www.google.com. it is always auto added.

    Hope this helps.

    Fred
    Reply With Quote Quote  

  5. !30
    !30 is offline
    Senior Member
    Join Date
    Jul 2006
    Location
    Lost Heaven , Romania
    Posts
    365

    Certifications
    CCNA (+ Net Academy),MCP (70-290 ,70-270,70-291,70-271) | next : 70-272 ( MCDST )
    #4
    What do you mean by :

    not required to add the trailing "." in www.google.com
    I got the point , but I don't understand what do you mean by that ..
    Reply With Quote Quote  

  6. Member
    Join Date
    Jun 2006
    Location
    Princeton NJ
    Posts
    37

    Certifications
    MCP SMS 2.0, 70-290, 70-291
    #5
    Sorry I was not clear. I will try again.

    The domain google is a chlid of the domain "com" and "com" is a child of a domain named "." (pronounced dot) "." is the root of the DNS hierarchy. Illus. shows downward flow from the root, or "." domain.

    "." (root)
    \
    .com (Top-Level Domain)
    \
    Google.com (Second-level domain)
    \
    Tech.Google.com (Sub-Domains)
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Jun 2006
    Location
    Tampa Bay
    Posts
    1,266

    Certifications
    MCSA 2000, MCSE 2003, Exchange 2000, CCNA, CCNA Security, CNE, A+, Network+, Security+
    #6
    Root hints is a list of DNS servers that hold the root (dot '.') domain which is usually understood at the right end of an FQDN. On the internet, these root servers contain references to the 1st level domains, such as COM, ORG, NET, MIL, GOV, EDU, etc.

    Try doing an NSLookup against a root zone server. You can try doing a zone transfer off of them, but I am sure they are locked down so you probably won't be able to see anything.

    Or better yet, do some queries using DNSStuff.com. It will show you the query traversal, starting from the root.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks