Glue record miunderstanding

Scott Haneda talklists at newgeo.com
Thu Oct 1 23:03:01 UTC 2009


On Oct 1, 2009, at 3:25 PM, Matthew Pounsett wrote:

> On 01-Oct-2009, at 16:03, Scott Haneda wrote:
>
>> Is it also correct, I only need a NS glue record for the actual NS  
>> itself.  There does not need to be a glue record for very zone that  
>> I am providing DNS for?
>
> The only case where glue *must* be present is when a nameserver name  
> is a subdomain of the zone it's authoritative for.
>
> So,  if ns1.example.com is one of the nameservers for example.com,  
> then there must be glue in the com zone.  In all other cases it is  
> not required.  However, some registries may include glue even when  
> its not necessary, since it simplifies the logic of generating their  
> zone.
>
> To check if glue is present, ask your parent's nameservers for some  
> record inside your zone.  When you get back the delegation response,  
> if glue is present it'll be included in the ADDITIONAL section.
>
> Here's a real-world example.  In this case, glue is unnecessary in  
> the com zone, but Verisign is including it anyway:
>
> 18:24:04 % dig +norec IN A www.example.com @a.gtld-servers.net
>
> ; <<>> DiG 9.4.3-P3 <<>> +norec IN A www.example.com @a.gtld- 
> servers.net
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55065
> ;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
>
> ;; QUESTION SECTION:
> ;www.example.com.		IN	A
>
> ;; AUTHORITY SECTION:
> example.com.		172800	IN	NS	a.iana-servers.net.
> example.com.		172800	IN	NS	b.iana-servers.net.
>
> ;; ADDITIONAL SECTION:
> a.iana-servers.net.	172800	IN	A	192.0.34.43
> b.iana-servers.net.	172800	IN	A	193.0.0.236
>
> ;; Query time: 65 msec
> ;; SERVER:
> ;; WHEN: Thu Oct  1 18:24:13 2009
> ;; MSG SIZE  rcvd: 113

Taking your example:
$dig +norec IN A ns1.hostwizard.com @a.gtld-servers.net

; <<>> DiG 9.4.3-P3 <<>> +norec IN A ns1.hostwizard.com @a.gtld- 
servers.net
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31543
;; flags: qr; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;ns1.hostwizard.com.		IN	A

;; ANSWER SECTION:
ns1.hostwizard.com.	172800	IN	A	64.84.37.14

;; AUTHORITY SECTION:
hostwizard.com.		172800	IN	NS	ns1.hostwizard.com.
hostwizard.com.		172800	IN	NS	ns1.nacio.com.

;; ADDITIONAL SECTION:
ns1.hostwizard.com.	172800	IN	A	64.84.37.14
ns1.nacio.com.		172800	IN	A	64.84.0.18

;; Query time: 252 msec
;; SERVER: 2001:503:a83e::2:30#53(2001:503:a83e::2:30)
;; WHEN: Thu Oct  1 16:00:56 2009
;; MSG SIZE  rcvd: 122

So I see my NS is listed in the additional section.  This to me tells  
me there is in fact glue, so I should consider the report at http://intodns.com/hostwizard.com 
  to be inaccurate?
-- 
Scott * If you contact me off list replace talklists@ with scott@ *




More information about the bind-users mailing list