Please Whitelist This Site? I know everyone hates ads. But please understand that I am providing premium content for free that takes hundreds of hours of time to research and write. I don't want to go to a pay-only model like some sites, but when more and more people block ads, I end up working for free. And I have a family to support, just like you. :) If you like The TCP/IP Guide, please consider the download version. It's priced very economically and you can read all of it in a convenient format without ads. If you want to use this site for free, I'd be grateful if you could add the site to the whitelist for Adblock. To do so, just open the Adblock menu and select "Disable on tcpipguide.com". Or go to the Tools menu and select "Adblock Plus Preferences...". Then click "Add Filter..." at the bottom, and add this string: "@@||tcpipguide.com^$document". Then just click OK. Thanks for your understanding! Sincerely, Charles Kozierok Author and Publisher, The TCP/IP Guide

NOTE: Using software to mass-download the site degrades the server and is prohibited. If you want to read The TCP/IP Guide offline, please consider licensing it. Thank you.

The TCP/IP Guide  9  TCP/IP Application Layer Protocols, Services and Applications (OSI Layers 5, 6 and 7)       9  Name Systems and TCP/IP Name Registration and Name Resolution            9  TCP/IP Name Systems: Host Tables and Domain Name System (DNS)                 9  TCP/IP Domain Name System (DNS)                      9  DNS Name Registration, Public Administration, Zones and Authorities

DNS Public Registration Disputes (Conflicts, Cybersquatting, "Deceptive Naming", Etc.) and Dispute Resolution 1 2 3 DNS Private Name Registration

DNS Zones of Authority

DNS is specifically designed to allow these divisions between the name hierarchy and the authority structure to be created. The complete DNS name structure is divided by making cuts (as the standard calls them) between adjacent nodes to create groups of contiguous nodes in the structure. Each group is called a zone of authority, or more commonly, just a zone. Each zone is usually identified by the domain name of the highest-level node in the zone, that is, the one closest to the root. The zones in DNS are by definition non-overlapping—every domain or subdomain is in exactly one zone.

The division of the name space into zones can be made in an arbitrary way. At one extreme, we could place a cut between every node, and thereby divide the entire name space so each domain (and subdomain, etc.) was a separate zone. If we did this, the name hierarchy and authority hierarchy would indeed be the same for the entire DNS tree. At the other end of the scale, we could use no cuts at all, defining a single zone encompassing the entire DNS structure. This would mean the root was the authority for the entire tree.

Of course in practice, neither of these is particularly useful, as neither really reflects how the real-world administration of DNS works. Instead, we generally divide the name structure in a variety of places depending on the needs of different parts of the name space. There are many cases where we might want to create a subdomain that is responsible for its own DNS server operation; there are others where we might not want to do that. The significance of a “cut” in the name hierarchy is that making such a cut represents, in essence, a declaration of DNS independence by the node below the cut from the one above the cut.

Returning to our example, if googleplex.edu is in charge of its own DNS servers, then there would be a “cut” in the name space between “googleplex.edu” and .EDU at the next higher level. This means that the DNS server for .EDU is no longer in charge of DNS for the “googleplex.edu” domain; instead, either the University itself or someone they hire as a third party must provide DNS for it. In this case, we are assuming Googleplex U. themselves run their own DNS. Without making any other cuts, the “googleplex.edu” domain would be a single zone containing everything below that name, including both “finearts.googleplex.edu” and “compsci.googleplex.edu”.

In our example, however, we would make another “cut”, between “googleplex.edu” and “compsci.googleplex.edu”. This in effect liberates “compsci.googleplex.edu”, allowing its administrators to be in charge of their own DNS server. In so doing, we end up with two distinct zones: one encompassing “googleplex.edu”, “finearts.googleplex.edu” and “admin.googleplex.edu” (and everything underneath them) and another for “compsci.googleplex.edu” (and everything below it). This is illustrated in Figure 240.

DNS Public Registration Disputes (Conflicts, Cybersquatting, "Deceptive Naming", Etc.) and Dispute Resolution 1 2 3 DNS Private Name Registration