Glue record miunderstanding
Scott Haneda
talklists at newgeo.com
Thu Oct 1 23:03:01 UTC 2009
On Oct 1, 2009, at 3:25 PM, Matthew Pounsett wrote:
> On 01-Oct-2009, at 16:03, Scott Haneda wrote:
>
>> Is it also correct, I only need a NS glue record for the actual NS
>> itself. There does not need to be a glue record for very zone that
>> I am providing DNS for?
>
> The only case where glue *must* be present is when a nameserver name
> is a subdomain of the zone it's authoritative for.
>
> So, if ns1.example.com is one of the nameservers for example.com,
> then there must be glue in the com zone. In all other cases it is
> not required. However, some registries may include glue even when
> its not necessary, since it simplifies the logic of generating their
> zone.
>
> To check if glue is present, ask your parent's nameservers for some
> record inside your zone. When you get back the delegation response,
> if glue is present it'll be included in the ADDITIONAL section.
>
> Here's a real-world example. In this case, glue is unnecessary in
> the com zone, but Verisign is including it anyway:
>
> 18:24:04 % dig +norec IN A www.example.com @a.gtld-servers.net
>
> ; <<>> DiG 9.4.3-P3 <<>> +norec IN A www.example.com @a.gtld-
> servers.net
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55065
> ;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
>
> ;; QUESTION SECTION:
> ;www.example.com. IN A
>
> ;; AUTHORITY SECTION:
> example.com. 172800 IN NS a.iana-servers.net.
> example.com. 172800 IN NS b.iana-servers.net.
>
> ;; ADDITIONAL SECTION:
> a.iana-servers.net. 172800 IN A 192.0.34.43
> b.iana-servers.net. 172800 IN A 193.0.0.236
>
> ;; Query time: 65 msec
> ;; SERVER:
> ;; WHEN: Thu Oct 1 18:24:13 2009
> ;; MSG SIZE rcvd: 113
Taking your example:
$dig +norec IN A ns1.hostwizard.com @a.gtld-servers.net
; <<>> DiG 9.4.3-P3 <<>> +norec IN A ns1.hostwizard.com @a.gtld-
servers.net
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31543
;; flags: qr; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;ns1.hostwizard.com. IN A
;; ANSWER SECTION:
ns1.hostwizard.com. 172800 IN A 64.84.37.14
;; AUTHORITY SECTION:
hostwizard.com. 172800 IN NS ns1.hostwizard.com.
hostwizard.com. 172800 IN NS ns1.nacio.com.
;; ADDITIONAL SECTION:
ns1.hostwizard.com. 172800 IN A 64.84.37.14
ns1.nacio.com. 172800 IN A 64.84.0.18
;; Query time: 252 msec
;; SERVER: 2001:503:a83e::2:30#53(2001:503:a83e::2:30)
;; WHEN: Thu Oct 1 16:00:56 2009
;; MSG SIZE rcvd: 122
So I see my NS is listed in the additional section. This to me tells
me there is in fact glue, so I should consider the report at http://intodns.com/hostwizard.com
to be inaccurate?
--
Scott * If you contact me off list replace talklists@ with scott@ *
More information about the bind-users
mailing list