[dns-operations] Reporting glue as authoritive data -- Bug!

Edward Lewis Ed.Lewis at neustar.biz
Fri Jan 25 16:39:58 UTC 2008

At 11:15 -0500 1/25/08, Joe Abley wrote:
>On 25-Jan-2008, at 10:47, Joe Abley wrote:

He's talking to himself again.

>  - nameserver was renumbered by end user, but glue record was not updated

The IETF - cool protocols that are impossible to operate - since 1986.


   We realize it might just be an out of whack glue problem when this happens.
   We invent new records in DNS (DEL-NS and DEL-A/DEL-AAAA) to end the parent
   child madness of copying things.
   We beef up resolvers to really understand RFC 2181's trustworthiness.
   We outlaw or define hybrid answers and document them clearly.

and there's always Joe's approach:

>  - everybody involved runs outside and lies down in front of the first bus
>  they can find, hoping that peace will come swiftly

No matter what the DNS outputs, if the glue is not updated correctly 
we will have problems.  That's the rool of the evil.  The secondary 
effect is 'it's a matter of how troubleshootable it is.'  If the glue 
is completely out of whack it'll be obvious.  When the glue is partly 
out of whack (like one address still works and the other doesn't) it 
takes an experienced hand to tell what's going on with the current 
set of tools and documentation.

Edward Lewis                                                +1-571-434-5468

Think glocally.  Act confused.

More information about the dns-operations mailing list