6

I found this Can an NS Record Point To Multiple A Records?, but wonders what is the difference, if any.

For example:

mydomain.com. IN NS ns1.myhost.com.
mydomain.com. IN NS ns2.myhost.com.

ns1.myhost.com. IN A 111.222.333.1
ns2.myhost.com. IN A 111.222.333.2

versus

mydomain.com. IN NS ns.myhost.com.

ns.myhost.com. IN A 111.222.333.1
ns.myhost.com. IN A 111.222.333.2

EDIT: actually, come to think of it, it could be said the same for MX records. Any breaking differences?

EDIT 2: then again, MX allow use of priority values so its a different case, in that one-ip-per-domain is more useful sometimes.

Community
  • 1
Jake
  • 1,172
  • 6
  • 28
  • 48

3 Answers3

5

There is a semantic difference.

If an NS record (or MX record) points to a host name which subsequently resolves to multiple A (or AAAA) records these are supposed to represent alternate addresses for the same host (aka "multihoming").

See paragraphs 8 and 9 in s5.1 of RFC 5321.

Hence it's not always required that a client would try every known address for a particular host, but it should try every named host.

So, in the (normal) single-homed case with multiple name servers or mail servers, you should use a different name for each server, with a single IP, rather than one name with multiple IPs.

Community
  • 1
Alnitak
  • 21,191
  • 3
  • 52
  • 82
  • 1
    just found - take a look http://tools.ietf.org/html/rfc1034 section 5.3.3 step 3. – Sandman4 Nov 20 '11 at 20:20
  • 1
    As `Sandman4` points out, it doesn't have the effect that you state, because resolving proxy DNS servers _do_ in fact simply try every IP address returned. It's actually simpler to implement that way. Picking and choosing amongst `A` resource records, rather than simply using them all, is _more_ work for an implementor. – JdeBP Jan 20 '12 at 17:11
3

I suppose it just can be implementation specific - maybe some odd servers will always use only one of addresses or something like that. But normally probably should be no difference.

Btw, I found one RFC that mentions similar situation - look at RFC 2181 section 4.3, 3-rd paragraph. It says one A for one NS, but provide no reasoning.

Edit: The main difference obviously is that (1) is what everybody uses and as such 100% tested, while (2) is what nobody uses and as such there's higher possibility of it being broken is some implementations.

Community
  • 1
Sandman4
  • 4,077
  • 2
  • 21
  • 27
  • RFC 2181 §4.3 says "`A` records", plural. It doesn't say one `A` resource record per `NS` resource record. It says one `NS` resource record per distinct group of host-local/site-local/global addresses, according to connectivity, with the `A` resource records in the group associated with the intermediate domain name in the value of that `NS` resource record. Given the split-horizon capabilities of most content DNS server softwares, the multiple `NS` resource records and intermediate domain names aren't really needed in practice. – JdeBP Jan 20 '12 at 16:58
-4

Read books!

In case of multiple A Records per name resolver will return always one IP per request for NS (round-robin'ed from pool), in case of multiple NS Records all records will be returned and if one of NS failed, all others will continue to work and serve requests

Lazy Badger
  • 3,137
  • 15
  • 13