In
Herb Martin said:
As I thought you misunderstand the word namespace.
It's a common enough mistake.
Those are ZONES, or DNS trees, not namespaces.
Ah, but a tree is a namespace Herb. So I'm not sure what you're trying to
get at. This thread has veered off the original topic for the original
poster. I thought we're here to help the posters? So what I did I figured I
would look this up so we BOTH know, and anyone else reading this post, what
a Domain Name Space is, so I picked up my old faithfull DNS and BIND, that
is if you trust O'reilly's DNS and BIND, but I remember from a previous post
a few months ago that you don't. That was in a conversation with William
that was left at a standstill. Well, anyway, nonetheless, and to put an end
to this thread, i pulled my sleeves up and blew the dust off the book and
dug in. Well, here it is...
Domain name space (from O'Reilly's DNS and BIND):
"Each unit of data in DNS's distrtibuted database is indexed by a name.
These names are essentially just paths in a large inverted tree, called the
'Domain Name Space'."
So in essence, a tree is a namespace, whether in a private scenario, such as
a company's inner structure, that has nothing to do with the Internet Name
Space, or in the Internet Name Space, called the Root, both represented by
the familiar ".". So the Root in the Internet Name Space really has nothing
to do with a private Name Space, whether a split DNS or not, since a private
Name Space is just that, private. They can have their own Tree or Name
Space.
The definition goes on....
"The tree's hierarchical structure is very similar to the structure of the
Unix file system. The tree has a single root at the top. In Unix, this is
called the Root Directory, represented by a "/", where in DNS it's the ".".,
which is tree's single root at the top. This is called the Root or The Root
Domain. Like a filesystem, DNS's tree can branch any n umber of ways at each
intersection point, called a "node". The depth of the tree is limited to 127
levels (a limit that you're not likely to run into."
One subnote of interest about Sun's NIS is not to confuse domains in DNS
with domains in Sun's NIS.
Though an NIS domains also refers to a gour of hosts (just as in AD, since
they are both X.500 Directory Services and use DNS for their hierarchy),
both types of domains have similaraly structured names, the convcepts are
different. NIS uses hierarchical names but the hierarchy ends there: host in
the same NIS domain share certain data about hosts and users, but they can't
navigate the NIS name space to find data in other NIS domains. So therefore,
either a forwarder or a in same name scenarios (Split Name Space), a shadow
zone or secondaries can be used.
"In abstract, a domain is just a subtree of the domain name space. But if a
domain is just made up of domain names and other domains, where are all the
hosts? Domains are groups of hosts, right? The hosts are domains too. So
domains are just indexed into the DNS database. "
"Delegation provides decentralized administration of the Domain Name
Space."... "We can delegate a portion of the Name Space (the tree in
respects to AD or NIS, or in the Internet Name Space). A domain can have
several subdomains" ... "For example, the Acme Corporation (they supply a
certain coyote with most of his gadgets), which has a division in Rockaway
and it's headquarters in Kalamazoo, might have a rockaway.acme.com subdomain
and a kalamazoo.,acme.com subdomain. However, the few hosts in the Acme
sales office would fit better under the acme.com then under either
subdomain."
So in summary, no where in DNS and BIND does it say Forwarders are REQUIRED.
Matter of fact, on page 332, it says, "The downfall of a forwarder is a
single point of failure". So if we delegated, and forwarded back up to the
Root or parent, and it's down, then we can have a failure. If we make a
secondary copy of the zone in the delegated DNS server, that will overcome
that.
And yes, the delegated zone can be:
child.domain.com
And the DNS server that this exists on that was delegated, can have a
secondary copy of the parent's domain in it, such as:
domain.com. And yes it works, just as I explained.
And yes, domain.com represents the tree in this private scenario, and is the
Domain Name Space in this private hierarchy. And yes, the child.domain.com
zone is part of this namespace. And yes, it is a zone, and yes, it can exist
on the same name server as a separate zone, but yet be part of the same name
space.
That DNS and BIND is a great book! I have to keep the dust off that thing.
--
Regards,
Ace
Please direct all replies to the newsgroup so all can benefit.
Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
