[dns-operations] Verisign won't delete obsolete glue records?

Brian Dickson brian.peter.dickson at gmail.com
Tue Mar 2 01:26:14 UTC 2021 

On Mon, Mar 1, 2021 at 4:41 PM Doug Barton <dougb at dougbarton.email> wrote:

>
> Thanks for the explanation about objects vs. host names. In this case
> it's not a third party that is using the old names, it's still us, so we
> don't want to "break" those delegations.
>
> Perhaps I didn't ask my question clearly enough. Let's take a delegation
> for example.com to ns1.example.info and ns2.example.info. There will be
> no host records at Verisign for those two names, right? So how are those
> delegation host names represented in the database, and why can't my
> now-obsolete glue records be represented the same way?
>

Okay, I think I understand better what you're asking.

My understanding is that, even though the delegation is to an off-TLD name
server, the registry still needs an object.
So, the glue rules mean that object will have a name, but not have any
addresses.

Those objects' names are basically first-come, first served.
But, if you rename them, the original name is no longer in existence.
At that point, if you wanted to, you could create a new object with the
now-vacated name.

(This may even be what you want to do, one way or another.)

I'm pretty sure you can't have different objects using the same name at the
same time.

And basically, if you want the other delegations to point to the
same/original IP, or to the new name, what you really want to do is rename
the host, not change the delegation of the domain.

(I'm assuming you want all the domains to point to a new name, and not have
any delegations pointing to the old name).

If you did the re-delegation first, that could be a bit tricky. You might
need to do the following:

   - Rename the new host record that was created to a throw-away name
   - Change the delegation to the original name (and re-connect to the
   original object)
   - Delete the now-unreferenced throw-away name
   - Rename the original object host to the new name you want to use for
   all your delegations

Repeat the above for each name server host name.

After the above steps, there will no longer be any host objects which are
children of the "primary" domain.

Thus, you won't need to try to delete anything, because the name will
already no longer exist. (The object will, but it will have a new name.)

Brian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20210301/c61c7a53/attachment.html>

More information about the dns-operations mailing list