Hi Mike,
On 5 Sep 2015, at 0:34, Mike wrote:
Due to a recent fiber cut in northern california, I've stepped up my
plan to have one authoritative dns and backup mail exchanger located
on another network far, far away. I am sadly having immense trouble
with dotster understanding that I need to update the ip address of a
glue record, as I host my own stuff, for which their gui has no
abillity and which phone support says open a ticket for which the
e-mailed response was utter cluelessness, claiming they checked and
it's already set... yeah, you recursed and hit my existing ns which
gave you the answer, but it's the roots which need to know....
Some ideas:
1. You could just add a nameserver. There's no rule that says you have
to have exactly two. You could almost certainly have three. (There are
some registry-specific rules that specify the minimum and maximum
numbers, but I've never seen a registry where the maximum was two.) If
you add a new nameserver, and leave your existing two as they are,
you've achieved your diversity goal and avoided the problem you're
currently struggling with. Apply a touch of mind bleach, and you'll
forget that "glue records" are even a thing.
2. There's no universal answer to the question "how do I update glue
records in a parent zone". It depends on the registry, and the data
model they use to link all the various DNS and meta-DNS information they
store.
[Incidentally, it's almost never the root server operators that need to
know unless you're running a top-level domain (and even then, it's the
administrator of the root zone that needs to know, not the root server
operators). But when you said "roots" you didn't mean root servers, you
meant "operator of the registry for the parent zone".]
For registries that follow the data model that was originally used for
COM, NET and ORG, what you're looking for is a database operation
"modify host object" to happen at the particular registry that contains
that host object with addresses (a host object subordinate a the
registry apex, you could call it, somewhat inelegantly).
Once you've found the right registry, you need to figure out how to make
changes. Find the sponsoring registrar for the domain the host object is
subordinate to. That's the organisation you need to talk to.
For example,
QUIRKAFLEEG.NET
is a domain with the following listed nameservers:
[scallop:~]% whois quirkafleeg.net | egrep '^Name Server: .'
Name Server: NS1.P23.DYNECT.NET
Name Server: NS2.P23.DYNECT.NET
Name Server: NS4.P23.DYNECT.NET
Name Server: NS3.P23.DYNECT.NET
[scallop:~]%
If your whois client needs help in finding out what server to use, try
Rodney's very handy <tld>.whois-servers.net, e.g.
[scallop:~]% host net.whois-servers.net
net.whois-servers.net is an alias for whois.verisign-grs.com.
whois.verisign-grs.com has address 199.7.50.74
whois.verisign-grs.com has IPv6 address 2001:503:5ae2:1000::74
[scallop:~]%
If I decided I wanted to rename NS3.P23.DYNECT.NET, I would need to
identify the sponsoring registrar for the DYNECT.NET domain name:
[scallop:~]% whois dynect.net | egrep '^Registrar:'
Registrar: DYNAMIC NETWORK SERVICES, INC
[scallop:~]%
The registrant (the person who "owns" the domain) in this case is:
[scallop:~]% whois dynect.net | egrep '^Registrant'
Registrant Name: Dynamic Network Services
Registrant Organization: Dyn
Registrant Street: 150 Dow St, Tower 2
Registrant City: Manchester
Registrant State/Province: NH
Registrant Postal Code: 03101
Registrant Country: US
Registrant Phone: +1.6036684998
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: doma...@dyn.com
[scallop:~]%
So those are the people I would ask to rename (say) NS3.P23.DYNECT.NET.
Of course in this case they would say "haha, no" and probably advise me
to add a nameserver rather than trying to reconfigure their commercial
DNS service. But you get the idea; if the nameserver you want to rename
is subordinate to a domain name you have administrative control over,
you could interact with the registrar for the domain and make the
change.
The precise way a particular registrar will accept such a change varies
by registrar. Sometimes (I hear) the user interface involves phone calls
and shouting. But then you have a choice of registrar, if you can figure
out how to make transfers work.
If your domain and/or nameservers are not named under NET, ORG or COM,
the above may be useful or, quite possibly, completely irrelevant,
depending on factors that your registrar is in theory supposed to hide
from you. There are as many other data models as there are other TLDs,
almost-maybe, and I certainly don't know the details of all or even many
of them.
If this is sounding very XKCD-927, that's because it is. This is perhaps
why lots of people pay others to do this for them (registry/registrar
shenanigans and DNS hosting) so that they can live their lives with one
less thing to be angry about.
Joe