Please Whitelist This Site?

I know everyone hates ads. But please understand that I am providing premium content for free that takes hundreds of hours of time to research and write. I don't want to go to a pay-only model like some sites, but when more and more people block ads, I end up working for free. And I have a family to support, just like you. :)

If you like The TCP/IP Guide, please consider the download version. It's priced very economically and you can read all of it in a convenient format without ads.

If you want to use this site for free, I'd be grateful if you could add the site to the whitelist for Adblock. To do so, just open the Adblock menu and select "Disable on tcpipguide.com". Or go to the Tools menu and select "Adblock Plus Preferences...". Then click "Add Filter..." at the bottom, and add this string: "@@||tcpipguide.com^$document". Then just click OK.

Thanks for your understanding!

Sincerely, Charles Kozierok
Author and Publisher, The TCP/IP Guide


NOTE: Using software to mass-download the site degrades the server and is prohibited.
If you want to read The TCP/IP Guide offline, please consider licensing it. Thank you.

The Book is Here... and Now On Sale!

Enjoy The TCP/IP Guide? Get the complete PDF!
The TCP/IP Guide

Custom Search







Table Of Contents  The TCP/IP Guide
 9  TCP/IP Application Layer Protocols, Services and Applications (OSI Layers 5, 6 and 7)
      9  Name Systems and TCP/IP Name Registration and Name Resolution
           9  TCP/IP Name Systems: Host Tables and Domain Name System (DNS)
                9  TCP/IP Domain Name System (DNS)
                     9  DNS Name Registration, Public Administration, Zones and Authorities

Previous Topic/Section
DNS Public Registration Disputes (Conflicts, Cybersquatting, "Deceptive Naming", Etc.) and Dispute Resolution
Previous Page
Pages in Current Topic/Section
1
2
3
Next Page
DNS Private Name Registration
Next Topic/Section

DNS Name Space Administrative Hierarchy Partitioning: DNS Zones of Authority
(Page 2 of 3)

DNS Zones of Authority

DNS is specifically designed to allow these divisions between the name hierarchy and the authority structure to be created. The complete DNS name structure is divided by making cuts (as the standard calls them) between adjacent nodes to create groups of contiguous nodes in the structure. Each group is called a zone of authority, or more commonly, just a zone. Each zone is usually identified by the domain name of the highest-level node in the zone, that is, the one closest to the root. The zones in DNS are by definition non-overlapping—every domain or subdomain is in exactly one zone.

Methods of Dividing the Name Space Into Zones

The division of the name space into zones can be made in an arbitrary way. At one extreme, we could place a cut between every node, and thereby divide the entire name space so each domain (and subdomain, etc.) was a separate zone. If we did this, the name hierarchy and authority hierarchy would indeed be the same for the entire DNS tree. At the other end of the scale, we could use no cuts at all, defining a single zone encompassing the entire DNS structure. This would mean the root was the authority for the entire tree.

Of course in practice, neither of these is particularly useful, as neither really reflects how the real-world administration of DNS works. Instead, we generally divide the name structure in a variety of places depending on the needs of different parts of the name space. There are many cases where we might want to create a subdomain that is responsible for its own DNS server operation; there are others where we might not want to do that. The significance of a “cut” in the name hierarchy is that making such a cut represents, in essence, a declaration of DNS independence by the node below the cut from the one above the cut.

Returning to our example, if googleplex.edu is in charge of its own DNS servers, then there would be a “cut” in the name space between “googleplex.edu” and .EDU at the next higher level. This means that the DNS server for .EDU is no longer in charge of DNS for the “googleplex.edu” domain; instead, either the University itself or someone they hire as a third party must provide DNS for it. In this case, we are assuming Googleplex U. themselves run their own DNS. Without making any other cuts, the “googleplex.edu” domain would be a single zone containing everything below that name, including both “finearts.googleplex.edu” and “compsci.googleplex.edu”.

In our example, however, we would make another “cut”, between “googleplex.edu” and “compsci.googleplex.edu”. This in effect liberates “compsci.googleplex.edu”, allowing its administrators to be in charge of their own DNS server. In so doing, we end up with two distinct zones: one encompassing “googleplex.edu”, “finearts.googleplex.edu” and “admin.googleplex.edu” (and everything underneath them) and another for “compsci.googleplex.edu” (and everything below it). This is illustrated in Figure 240.


Figure 240: DNS Zones Of Authority

This example shows how cuts can be made between nodes in the DNS name tree to create an arbitrary hierarchy of name authorities. In this example I have shown the DNS tree branch for “googleplex.edu”, with each zone indicated using a different background color. IANA/ICANN is responsible for the root domain (yellow), and a separate authority named Educause takes care of “.EDU” (green). The blue zone covers much of “googleplex.edu”, except that a cut has been made between “googleplex” and “compsci” to create an independent zone of authority for “compsci.googleplex.edu”, shown in purple.

 


Key Concept: The DNS name registration hierarchy is divided into regions called zones of authority. Each zone represents an area that is administered independently, and consists of a contiguous segment of the DNS name tree.



Previous Topic/Section
DNS Public Registration Disputes (Conflicts, Cybersquatting, "Deceptive Naming", Etc.) and Dispute Resolution
Previous Page
Pages in Current Topic/Section
1
2
3
Next Page
DNS Private Name Registration
Next Topic/Section

If you find The TCP/IP Guide useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider purchasing a download license of The TCP/IP Guide. Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

The TCP/IP Guide (http://www.TCPIPGuide.com)
Version 3.0 - Version Date: September 20, 2005

© Copyright 2001-2005 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.