id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc
93	Authoritative NS records in DNS server	kchen		"Zones should have NS records listing the authoritative nameservers for the zone.  Aside from being required (see for example RFC 2181, section 6.1), these records also control how authoritative client nameservers treat the information -- for example, from BIND's cache, compare:

; glue
xvm.MIT.EDU.            21585   NS      NS1.xvm.mit.edu.

; authauthority
CSAIL.MIT.EDU.          14197   NS      lampang.lcs.mit.edu.
                        14197   NS      auth-ns0.csail.mit.edu.
                        14197   NS      auth-ns1.csail.mit.edu.
                        14197   NS      auth-ns2.csail.mit.edu.
                        14197   NS      auth-ns3.csail.mit.edu.

In addition to returning such records for an NS query, the DNS server should (although isn't required to) also return the NS records for the top of the zone, which also affects how client nameservers treat the information.  For example:

kchen@scyther:~$ dig abra.mit.edu @bitsy.mit.edu

; <<>> DiG 9.3.4 <<>> abra.mit.edu @bitsy.mit.edu
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62378
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3

;; QUESTION SECTION:
;abra.mit.edu.                  IN      A

;; ANSWER SECTION:
abra.mit.edu.           21600   IN      A       18.181.0.105

;; AUTHORITY SECTION:
mit.edu.                21600   IN      NS      BITSY.mit.edu.
mit.edu.                21600   IN      NS      W20NS.mit.edu.
mit.edu.                21600   IN      NS      STRAWB.mit.edu.
[snip]

RFC 2181 section 5.4.1 talks a bit about how the NS records in the authority section are treated."	defect	closed	minor		dns		fixed