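1. DNS/awsdns/Zone operation/Co-hosting

Apparently awsdns lets you create a zone while specifying the NS set. Convenient, isn't it? (Also in the sense of "dangerous, isn't it?")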

-- ToshinoriMaeno 2020-06-15 23:28:20

http://blog.serverworks.co.jp/tech/2017/11/02/route53-cli53/

https://docs.aws.amazon.com/ja_jp/Route53/latest/DeveloperGuide/white-label-name-servers.html

https://twitter.com/beyondDNS/status/1272838388479979520?s=20

I have started investigating how widely this is used. -- ToshinoriMaeno 2020-06-17 03:44:17

There is a default limit of 100 hosted zones that can use the same reusable delegation set.

2. CreateReusableDelegationSet

https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateReusableDelegationSet.html

You can also create a reusable delegation set that uses the four name servers that 
are associated with an existing hosted zone. 
Specify the hosted zone ID in the CreateReusableDelegationSet request.

A group of NS obtained in advance can be assigned to a specific domain name.

reusable delegation set: A set of four authoritative name servers that you can use with more than one hosted zone. By default, Route 53 assigns a random selection of name servers to each new hosted zone. To make it easier to migrate DNS service to Route 53 for a large number of domains, you can create a reusable delegation set and then associate the reusable delegation set with new hosted zones. (You can't change the name servers that are associated with an existing hosted zone.)

3. Registered zones

117yen.com.             3600    IN      NS      ns4.117yen.com.
117yen.com.             3600    IN      NS      ns3.117yen.com.
117yen.com.             3600    IN      NS      ns1.117yen.com.
117yen.com.             3600    IN      NS      ns2.117yen.com.
;; ADDITIONAL SECTION:
ns1.117yen.com.         300     IN      A       205.251.192.51
ns2.117yen.com.         300     IN      A       205.251.194.2
ns3.117yen.com.         300     IN      A       205.251.197.220
ns4.117yen.com.         300     IN      A       205.251.199.228

tcpreplay.net.          300     IN      NS      ns4.tcpreplay.net.
tcpreplay.net.          300     IN      NS      ns1.tcpreplay.net.
tcpreplay.net.          300     IN      NS      ns3.tcpreplay.net.
tcpreplay.net.          300     IN      NS      ns2.tcpreplay.net.
ns1.tcpreplay.net.      300     IN      A       52.213.198.181
ns2.tcpreplay.net.      300     IN      A       52.213.198.181
ns3.tcpreplay.net.      300     IN      A       52.213.198.181
ns4.tcpreplay.net.      300     IN      A       52.213.198.181

These are not co-hosted. However, 205.251.199.228 also has a tcpreplay.net zone.

$ dig exist.tcpreplay.net. @ns-2020.awsdns-60.co.uk.

; <<>> DiG 9.11.3-1ubuntu1.12-Ubuntu <<>> exist.tcpreplay.net. @ns-2020.awsdns-60.co.uk.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43799
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;exist.tcpreplay.net.           IN      A

;; ANSWER SECTION:
exist.tcpreplay.net.    99      IN      CNAME   cname-exist.117yen.com.

;; AUTHORITY SECTION:
tcpreplay.net.          300     IN      NS      ns1.tcpreplay.net.
tcpreplay.net.          300     IN      NS      ns2.tcpreplay.net.
tcpreplay.net.          300     IN      NS      ns3.tcpreplay.net.
tcpreplay.net.          300     IN      NS      ns4.tcpreplay.net.

;; ADDITIONAL SECTION:
ns1.tcpreplay.net.      300     IN      A       205.251.192.51
ns2.tcpreplay.net.      300     IN      A       205.251.194.2
ns3.tcpreplay.net.      300     IN      A       205.251.197.220
ns4.tcpreplay.net.      300     IN      A       205.251.199.228

;; Query time: 5 msec
;; SERVER: 205.251.199.228#53(205.251.199.228)
;; WHEN: Tue Jun 16 08:01:39 JST 2020
;; MSG SIZE  rcvd: 220
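
The comparison made above by eye can be automated. The following is an added example, not part of the original page: it parses the records listed on this page and checks whether the name server addresses one server claims for a zone match the zone's published NS addresses, and which other zone those claimed addresses belong to. The names `PUBLIC`, `SERVER_VIEW`, `ns_addrs` and `compare` are hypothetical, and treating the first listing under "Registered zones" as the public view is an assumption.

```python
from collections import defaultdict
# Records copied from this page; PUBLIC is assumed to be the public view.
PUBLIC = """\
117yen.com. 3600 IN NS ns1.117yen.com.
117yen.com. 3600 IN NS ns2.117yen.com.
117yen.com. 3600 IN NS ns3.117yen.com.
117yen.com. 3600 IN NS ns4.117yen.com.
ns1.117yen.com. 300 IN A 205.251.192.51
ns2.117yen.com. 300 IN A 205.251.194.2
ns3.117yen.com. 300 IN A 205.251.197.220
ns4.117yen.com. 300 IN A 205.251.199.228
tcpreplay.net. 300 IN NS ns1.tcpreplay.net.
tcpreplay.net. 300 IN NS ns2.tcpreplay.net.
tcpreplay.net. 300 IN NS ns3.tcpreplay.net.
tcpreplay.net. 300 IN NS ns4.tcpreplay.net.
ns1.tcpreplay.net. 300 IN A 52.213.198.181
ns2.tcpreplay.net. 300 IN A 52.213.198.181
ns3.tcpreplay.net. 300 IN A 52.213.198.181
ns4.tcpreplay.net. 300 IN A 52.213.198.181
"""
# AUTHORITY and ADDITIONAL sections returned by 205.251.199.228.
SERVER_VIEW = """\
tcpreplay.net. 300 IN NS ns1.tcpreplay.net.
tcpreplay.net. 300 IN NS ns2.tcpreplay.net.
tcpreplay.net. 300 IN NS ns3.tcpreplay.net.
tcpreplay.net. 300 IN NS ns4.tcpreplay.net.
ns1.tcpreplay.net. 300 IN A 205.251.192.51
ns2.tcpreplay.net. 300 IN A 205.251.194.2
ns3.tcpreplay.net. 300 IN A 205.251.197.220
ns4.tcpreplay.net. 300 IN A 205.251.199.228
"""

def ns_addrs(text):
    """Map each zone in dig-style text to the A addresses of its NS hosts."""
    ns, addr = defaultdict(set), defaultdict(set)
    for f in map(str.split, text.splitlines()):
        if len(f) == 5 and f[2] == "IN" and f[3] in ("NS", "A"):
            (ns if f[3] == "NS" else addr)[f[0].lower()].add(f[4].lower())
    return {z: set().union(*(addr[h] for h in hosts)) for z, hosts in ns.items()}

def compare(public, claimed, zone):
    """Check one server's claim for zone against the published NS addresses."""
    real, seen = public.get(zone, set()), claimed.get(zone, set())
    shared = sorted(z for z, a in public.items() if z != zone and a & seen)
    return {"consistent": real == seen, "published": sorted(real),
            "claimed": sorted(seen), "claimed_addrs_serve": shared}

if __name__ == "__main__":
    print(compare(ns_addrs(PUBLIC), ns_addrs(SERVER_VIEW), "tcpreplay.net."))
```

A result with `consistent` false and a non-empty `claimed_addrs_serve` means the queried server holds a copy of the zone that the published NS records do not point to.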