[dns-operations] is glue expected in this case?

Karthikeyan Ravichandran Karthikeyan.Ravichandran at microsoft.com
Thu Jan 24 17:15:19 UTC 2019 

That said, the glue for name servers do complicate cases where a zone is re-delegated to different name servers. Of particular interest is cases where a zone has lots of changes between name servers/providers, one technique I have seen being used is to control the A record of the name server with a small TTL so that the name servers can be switched rapidly if the dns records are not consistent on both the source and the target name servers / providers. This technique obviously falls flat when A records are returned as glue records by the TLDs as a % of traffic can go to the name servers returned as glue records and these typically have huge TTLs.

Wondering what other techniques to achieve fast rollback of a delegation change for a zone 

Karthik
-----Original Message-----
From: dns-operations <dns-operations-bounces at dns-oarc.net> On Behalf Of Tony Finch
Sent: Thursday, January 24, 2019 4:34 AM
To: Veaceslav Revutchi <slavarevutchi at gmail.com>
Cc: dns-operations at dns-oarc.net
Subject: Re: [dns-operations] is glue expected in this case?

Veaceslav Revutchi <slavarevutchi at gmail.com> wrote:
>
> I would expect this glue to be present at the tld if 
> ns-1281.awsdns-32.org was one of the name servers for awsdns-32.org 
> which is not the case. Is there another reason for this record to be 
> kept in the org zone?

My understanding is that most (not all) registries use a data model with separate domain and host objects, and these registries require a host object to exist for any NS record that is a child of any of the TLDs in the registry. [.com, .net, and .edu share a registry, for example] Whether a host object has to have addresses is a bit unclear to me: the minimal requirement from the DNS is that an NS target should have glue if it is a child of the NS owner, but registries can require addresses in more situations than the DNS needs. There's also some complication about whether a host object in the registry is actually published in the zone (for instance glue should be omitted if the parent domain is cancelled so it isn't promoted to authoritative data, but there may be other more obscure cases).

Tony.
--
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/ strengthen the democratic process and ensure that there is a just and representative system of government _______________________________________________
dns-operations mailing list
dns-operations at lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-operations mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

More information about the dns-operations mailing list