[TriLUG] OT: Router then Firewall

Tanner Lovelace clubjuggler at gmail.com
Wed May 24 21:26:01 EDT 2006


On 5/24/06, stan briggs <stan at stanbriggs.com> wrote:
> tanner,
>
> from the icann page (http://www.icann.org/tlds/):
> <snippet>
> In the 1980s, seven gTLDs (.com, .edu, .gov, .int, .mil, .net, and .org)
> were created. Domain names may be registered in three of these (.com,
> .net, and .org) without restriction; the other four have limited
> purposes.

Doh!  Would you believe I forgot about .edu! :-)  *sigh*
Now, can you name what all of them were originally meant
to be? :-)

>
> Over the next twelve years, various discussions occurred concerning
> additional gTLDs, leading to the selection in November 2000 of seven new
> TLDs for introduction. These were introduced in 2001 and 2002. Four of
> the new TLDs (.biz, .info, .name, and .pro) are unsponsored. The other
> three new TLDs (.aero, .coop, and .museum) are sponsored.
> </snippet>
>
> i had not heard of these sponsored TLDs before. has anyone seen domains
> in them?

I've seen .museum before (see http://getty.art.museum/ or http://about.museum/)
and heard of .coop but didn't know about .aero.  I believe, also,
that .mobi was recently set up for people to start registering domains
too (it was approved last year).  It's supposed to be optimized for
mobile devices.

Also, .xxx has been proposed for over 10 years (even going so far
as to set up an alternative registrar that used different root nameservers!)
but it was recently turned down.

Cheers,
Tanner

> stan
>
> -----Original Message-----
> From: trilug-bounces at trilug.org [mailto:trilug-bounces at trilug.org] On
> Behalf Of Tanner Lovelace
> Sent: Wednesday, May 24, 2006 9:03 PM
> To: Triangle Linux Users Group discussion list
> Subject: Re: [TriLUG] OT: Router then Firewall
>
>
> On 5/24/06, Rick DeNatale <rick.denatale at gmail.com> wrote:
> > Not quite, top level domains are separated into country code tlds
> > (ccTLDs) like us. ca. to. etc, and generic top level domains (e.g.
> > com. edu. net. etc).
>
> Yep, you're right.  I completely blanked on the country domains. Here's
> an interesting question, though.  How many generic top level domains are
> there?  There were originally six, I believe. What were they and what
> are the ones that have been added in the last few years?
>
> > I think that this may be a problem with my being unclear.  Let me pick
> > things apart a tad.
> >
> > Let's say "Alma Mater University" wants to have a subdomain like
> > physics.almamater.edu,  it can certainly have a name server which
> > serves up that dns name space, BUT, the question then becomes, how
> > does an outsider know about THAT name server,  presumably the name
> > server for almamater.edu forwards to it, but that name server needs to
> > be known to the internet hoi polloi and needs to be listed in the
> > registry database for edu.  I don't see how someone walking the dns
> > tree from root will ever get to physics.almamater.edu without going
> > through almamater.edu to get there.  Once any cached records expire they
> > are going to have to climb down (or is it up? <G>) the tree.
> >
> > Yes you can move subdomain nameservers by just talking to the
> > containing domain's nameserver operator, and that might well be
> > yourself, but you can't move the nameserver which represents your
> > second level domain without changing an entry which isn't under your
> > direct control.
> >
> > So moving that nameserver requires communication with the registry
> > operator via the registrar.
>
> Ah, I believe I see the confusion here.  Yes, you are entirely correct
> that if you want to remove that nameserver from the dns chain that is
> walked to get the hostname you do have to communicate with your
> registrar.  However, that's not what I was saying.  I was saying that
> you could set up that nameserver to delegate to another nameserver.
> That is, instead of containing an SOA (Start Of Authority) record, which
> indicates that a nameserver is "authoritative" for that domain, it could
> instead return *only* an NS record for a nameserver which would be
> authoritative for the domain and an A record for the referenced NS record
> (the A record is commonly called a "glue" record).  So the chain to be
> walked would look like this (for, say, dargo.trilug.org):
>
> "." -> org -> trilug(non-authoritative) -> trilug(authoritative)
>
> The nameserver in this chain that I call "trilug(non-authoritative)" is
> the one listed with the registrar and will show up on a whois query.
> However, that nameserver doesn't claim to be authoritative for
> trilug.org (i.e. it doesn't return an SOA record) but rather returns a
> different NS (nameserver) record which when queried does answer
> authoritatively.
>
> However, this probably isn't what Aaron was referring to.
> My guess is he was probably referring to a lame delegation. This is
> where you return a hostname as an NS record for a domain, but that host
> isn't set up to answer authoritatively for the domain.  I probably ought
> to go back and re-read his original question, though, since we've come a
> long way since then. :-)
>
> Cheers,
> Tanner
> --
> Tanner Lovelace
> clubjuggler at gmail dot com
> http://wtl.wayfarer.org/
> (fieldless) In fess two roundels in pale, a billet fesswise and an
> increscent, all sable.
> --
> TriLUG mailing list        :
> http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/


-- 
Tanner Lovelace
clubjuggler at gmail dot com
http://wtl.wayfarer.org/
(fieldless) In fess two roundels in pale, a billet fesswise and an
increscent, all sable.
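
The delegation chain and the lame-delegation case described in the quoted message, modelled as an added example that is not part of the original e-mail. The server data, IP addresses and host names are constructed, and no real DNS queries are made.

```python
# Constructed data (documentation IP ranges, hypothetical server names).
# Each server maps a zone either to a referral (NS name + glue A record,
# no SOA) or to authoritative data (SOA present).
SERVERS = {
    "192.0.2.1": {"org.": {"soa": False, "ns": "ns.org.example.", "glue": "192.0.2.2"}},
    "192.0.2.2": {"trilug.org.": {"soa": False, "ns": "ns-listed.example.", "glue": "192.0.2.3"}},
    # "trilug(non-authoritative)": the server listed with the registrar
    "192.0.2.3": {"trilug.org.": {"soa": False, "ns": "ns-real.example.", "glue": "192.0.2.4"}},
    # "trilug(authoritative)": the server that actually holds the SOA
    "192.0.2.4": {"trilug.org.": {"soa": True, "a": {"dargo.trilug.org.": "198.51.100.10"}}},
}
ROOT = "192.0.2.1"

def best_zone(zones, qname):
    """Longest zone on this server that encloses qname (label-boundary match)."""
    hits = [z for z in zones if qname == z or qname.endswith("." + z)]
    return max(hits, key=len, default=None)

def walk(qname, servers, start=ROOT, max_hops=10):
    """Follow referrals from the root; return (path, status, address)."""
    path, ip = [], start
    for _ in range(max_hops):
        zones = servers.get(ip, {})
        zone = best_zone(zones, qname)
        if zone is None:
            # We were referred here, but this host serves nothing for the
            # name: the parent's NS record is a lame delegation.
            path.append((ip, None, "lame"))
            return path, "lame", None
        entry = zones[zone]
        if entry["soa"]:
            path.append((ip, zone, "authoritative"))
            return path, "answer", entry["a"].get(qname)
        path.append((ip, zone, "referral"))
        ip = entry["glue"]  # the glue A record tells us where to ask next
    return path, "too-many-referrals", None

# Same chain, but the final host is not set up to answer for trilug.org.
LAME_SERVERS = {**SERVERS, "192.0.2.4": {}}

if __name__ == "__main__":
    for label, data in (("working", SERVERS), ("lame", LAME_SERVERS)):
        path, status, addr = walk("dargo.trilug.org.", data)
        print(label, status, addr)
        for hop in path:
            print("  ", hop)
```
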


