<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">I don't get the point of a recursive
DNS server that by default doesn't resolve the Internet.<br>
<br>
Also, we offer recursive DNS services already on 44.24.244.1 and
44.24.245.1. These include recursive services for *.HamWAN.net in
the absence of root servers, as well as reverse DNS for our IP
ranges, also available in the absence of root servers. The access
to the recursive services is limited to 44-net clients.<br>
<br>
On the authoritative side, we're happy to delegate sub-zones.
*.AE7Q.HamWAN.net for example can be delegated.<br>
<br>
While Brian does offer some support for DNS on ampr.org, but I do
think AMPR needs to support reverse DNS delegation. And DNSSEC.
I'm not sure why delegations aren't allowed. I know it's come up
before.<br>
<br>
--Bart<br>
<br>
<br>
On 4/10/2014 10:21 PM, Dean Gibson AE7Q wrote:<br>
</div>
<blockquote cite="mid:53477BEF.9070603@ae7q.com" type="cite">
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
Two days ago I obtained domain 44rf.net, for the sole purpose of
supporting amateurs on 44.x.x.x which need more <b>subdomain</b>
support than ampr.org provides (ie, <b>none</b>; Brian Kantor
will not allow NS records in ampr.org). It's trivial to allow
subdomains of 44rf.net which users can <b>self-manage</b>,
without screwing up the parent domain (volunteers/testers
welcome). And, with the use of stub zones, I support (present
tense) referrals to ampr.org, hamwan.net, and other domains in a
situation where the root servers are not available. Eg:<br>
<br>
<font color="#006600"><small><tt>>dig @ns1.ae7q.ampr.org
db0bi.ampr.org</tt><tt><br>
</tt><tt> </tt><tt><br>
</tt><tt> ; <<>> DiG 9.2.4 <<>>
@ns1.ae7q.ampr.org db0bi.ampr.org</tt><tt><br>
</tt><tt> ; (1 server found)</tt><tt><br>
</tt><tt> ;; global options: printcmd</tt><tt><br>
</tt><tt> ;; Got answer:</tt><tt><br>
</tt><tt> ;; ->>HEADER<<- opcode: QUERY, status:
NOERROR, id: 55750</tt><tt><br>
</tt><tt> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY:
7, ADDITIONAL: 10</tt><tt><br>
</tt><tt> </tt><tt><br>
</tt><tt> ;; QUESTION SECTION:</tt><tt><br>
</tt><tt> ;db0bi.ampr.org. IN A</tt><tt><br>
</tt><tt> </tt><tt><br>
</tt><tt> ;; ANSWER SECTION:</tt><tt><br>
</tt><tt> db0bi.ampr.org. 3568 IN A
44.225.61.14</tt><tt><br>
</tt><tt> </tt><tt><br>
</tt><tt> ;; AUTHORITY SECTION:</tt><tt><br>
</tt><tt> ampr.org. 3568 IN NS
hamradio.ucsd.edu.</tt><tt><br>
</tt><tt> ampr.org. 3568 IN NS
ns0.comgw.net.</tt><tt><br>
</tt><tt> ampr.org. 3568 IN NS
ns1.defaultroute.net.</tt><tt><br>
</tt><tt> ampr.org. 3568 IN NS
ns2.threshinc.com.</tt><tt><br>
</tt><tt> ampr.org. 3568 IN NS
ampr.org.</tt><tt><br>
</tt><tt> ampr.org. 3568 IN NS
munnari.OZ.AU.</tt><tt><br>
</tt><tt> ampr.org. 3568 IN NS
ampr-dns.in-berlin.de.</tt><tt><br>
</tt><tt> </tt><tt><br>
</tt><tt> ;; ADDITIONAL SECTION:</tt><tt><br>
</tt><tt> ns1.defaultroute.net. 172764 IN A
74.120.14.69</tt><tt><br>
</tt><tt> ns2.threshinc.com. 3564 IN A
192.41.222.8</tt><tt><br>
</tt><tt> ns2.threshinc.com. 172764 IN AAAA
2604:5000:0:2::2</tt><tt><br>
</tt><tt> ampr.org. 3568 IN A
44.0.0.1</tt><tt><br>
</tt><tt> munnari.OZ.AU. 14365 IN A
202.29.151.3</tt><tt><br>
</tt><tt> munnari.OZ.AU. 86364 IN AAAA
2001:3c8:9007:1::21</tt><tt><br>
</tt><tt> munnari.OZ.AU. 86364 IN AAAA
2001:3c8:9009:181::2</tt><tt><br>
</tt><tt> ampr-dns.in-berlin.de. 864 IN A
192.109.42.4</tt><tt><br>
</tt><tt> ampr-dns.in-berlin.de. 864 IN AAAA
2a01:238:4073:e600::1</tt><tt><br>
</tt><tt> hamradio.ucsd.edu. 43164 IN A
169.228.66.6</tt><tt><br>
</tt><tt> </tt><tt><br>
</tt><tt> ;; Query time: 253 msec</tt><tt><br>
</tt><tt> ;; SERVER: 44.24.240.173#53(44.24.240.173)</tt><tt><br>
</tt><tt> ;; WHEN: Thu Apr 10 20:10:06 2014</tt><tt><br>
</tt><tt> ;; MSG SIZE rcvd: 452</tt><tt><br>
</tt><tt> </tt><tt><br>
<br>
</tt><tt>>dig @ns1.ae7q.ampr.org a.ns.hamwan.net</tt><tt><br>
</tt><tt><br>
</tt><tt>; <<>> DiG 9.2.4 <<>>
@ns1.ae7q.ampr.org a.ns.hamwan.net</tt><tt><br>
</tt><tt>; (1 server found)</tt><tt><br>
</tt><tt>;; global options: printcmd</tt><tt><br>
</tt><tt>;; Got answer:</tt><tt><br>
</tt><tt>;; ->>HEADER<<- opcode: QUERY, status:
NOERROR, id: 46457</tt><tt><br>
</tt><tt>;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY:
2, ADDITIONAL: 0</tt><tt><br>
</tt><tt><br>
</tt><tt>;; QUESTION SECTION:</tt><tt><br>
</tt><tt>;a.ns.hamwan.net. IN A</tt><tt><br>
</tt><tt><br>
</tt><tt>;; ANSWER SECTION:</tt><tt><br>
</tt><tt>a.ns.hamwan.net. 3600 IN A
44.24.244.2</tt><tt><br>
</tt><tt><br>
</tt><tt>;; AUTHORITY SECTION:</tt><tt><br>
</tt><tt>hamwan.net. 172800 IN NS
a.ns.hamwan.net.</tt><tt><br>
</tt><tt>hamwan.net. 172800 IN NS
b.ns.hamwan.net.</tt><tt><br>
</tt><tt><br>
</tt><tt>;; Query time: 499 msec</tt><tt><br>
</tt><tt>;; SERVER: 44.24.240.173#53(44.24.240.173)</tt><tt><br>
</tt><tt>;; WHEN: Thu Apr 10 20:31:47 2014</tt><tt><br>
</tt><tt>;; MSG SIZE rcvd: 79</tt></small><br>
</font><br>
However, notice what happens when I access a domain for which I do
<b>not</b> have a stub zone declaration:<br>
<br>
<font color="#cc0000"><tt><small>>dig @ns1.ae7q.ampr.org <a
moz-do-not-send="true" class="moz-txt-link-abbreviated"
href="http://www.hamwan.org">www.hamwan.org</a><br>
<br>
<br>
; <<>> DiG 9.2.4 <<>>
@ns1.ae7q.ampr.org <a moz-do-not-send="true"
class="moz-txt-link-abbreviated"
href="http://www.hamwan.org">www.hamwan.org</a><br>
; (1 server found)<br>
;; global options: printcmd<br>
;; Got answer:<br>
;; ->>HEADER<<- opcode: QUERY, status: NOERROR,
id: 24283<br>
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13,
ADDITIONAL: 0<br>
<br>
;; QUESTION SECTION:<br>
;www.hamwan.org. IN A<br>
<br>
;; AUTHORITY SECTION:<br>
. 518400 IN NS
I.ROOT-SERVERS.NET.<br>
. 518400 IN NS
J.ROOT-SERVERS.NET.<br>
. 518400 IN NS
K.ROOT-SERVERS.NET.<br>
. 518400 IN NS
L.ROOT-SERVERS.NET.<br>
. 518400 IN NS
M.ROOT-SERVERS.NET.<br>
. 518400 IN NS
A.ROOT-SERVERS.NET.<br>
. 518400 IN NS
B.ROOT-SERVERS.NET.<br>
. 518400 IN NS
C.ROOT-SERVERS.NET.<br>
. 518400 IN NS
D.ROOT-SERVERS.NET.<br>
. 518400 IN NS
E.ROOT-SERVERS.NET.<br>
. 518400 IN NS
F.ROOT-SERVERS.NET.<br>
. 518400 IN NS
G.ROOT-SERVERS.NET.<br>
. 518400 IN NS
H.ROOT-SERVERS.NET.<br>
<br>
;; Query time: 258 msec<br>
;; SERVER: 44.24.240.173#53(44.24.240.173)<br>
;; WHEN: Thu Apr 10 22:11:09 2014<br>
;; MSG SIZE rcvd: 243</small></tt></font><br>
<br>
That is, ns1.ae7q.ampr.org does not function as a general-purpose
recursive DNS server.<br>
<br>
Now, if someone else is already doing this ... let me know.<br>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
PSDR mailing list
<a class="moz-txt-link-abbreviated" href="mailto:PSDR@hamwan.org">PSDR@hamwan.org</a>
<a class="moz-txt-link-freetext" href="http://mail.hamwan.org/mailman/listinfo/psdr_hamwan.org">http://mail.hamwan.org/mailman/listinfo/psdr_hamwan.org</a>
</pre>
</blockquote>
<br>
</body>
</html>