[dns-operations] Reporting glue as authoritive data -- Bug!

Joe Abley jabley at ca.afilias.info
Fri Jan 25 18:13:37 UTC 2008

On 25-Jan-2008, at 11:39, Edward Lewis wrote:

>> No matter what the DNS outputs, if the glue is not updated  
>> correctly we will have problems.  That's the rool of the evil.  The  
>> secondary effect is 'it's a matter of how troubleshootable it is.'   
>> If the glue is completely out of whack it'll be obvious.  When the  
>> glue is partly out of whack (like one address still works and the  
>> other doesn't) it takes an experienced hand to tell what's going on  
>> with the current set of tools and documentation.

Out-of-date glue is going to cause headaches, no question.

However, there's a difference between the problem being simply a lame  
delegation at one of several available nameservers (which might well  
have no observable impact) and the problem manifesting itself as a  
random distribution of cached A records which looks like a cache  
expiry problem, but isn't.

I don't know that there's an answer to this, but at least I got to  
share my pain :-)

For anybody who was mystified by my use of "NUS" before, incidentally,  
it's "Neustar Ultra Services" -- the name of the group within Neustar  
that provides the services that most people still think of as  


More information about the dns-operations mailing list