SIBLING GLUE address records (A or AAAA)
Hi, In the following example, the authoritive server for zone .xx has configured the delegations of the zones example.xx and otherexample.xx: example.xx NS ns1.example.xx example.xx NS ns2.example.xx ns1.example.xx A 11.22.33.44 ns2.example.xx A 11.22.33.55 otherexample.xx NS ns3.example.xx otherexample.xx NS ns4.example.xx the bind report these messages: "ns3.example.xx has no SIBLING GLUE address records (A or )" "ns4.example.xx has no SIBLING GLUE address records (A or )" because the glue records are not configured in the zone .xx, for ns3.example.xx and ns4.example.xx Are these glue records requiered ? I understand that is not. Is this right ? Regards, -- Sergio R. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: SIBLING GLUE address records (A or AAAA)
I would imagine the answer will be that they aren't required but would be helpful. Since the parent .xx is delegating to the second-level domains, if you do glue for all four DNS servers you are preventing a remote DNS server from having to go to the servers for example.xx to get the A records for the DNS servers for otherexample.xx. On Mon, Oct 5, 2009 at 3:59 PM, Sergio Ramirez wrote: > Hi, > > In the following example, the authoritive server for > zone .xx has configured the delegations of the zones example.xx > and otherexample.xx: > > example.xx NS ns1.example.xx > example.xx NS ns2.example.xx > ns1.example.xx A 11.22.33.44 > ns2.example.xx A 11.22.33.55 > otherexample.xx NS ns3.example.xx > otherexample.xx NS ns4.example.xx > > the bind report these messages: > > "ns3.example.xx has no SIBLING GLUE address records (A or AAAA)" > "ns4.example.xx has no SIBLING GLUE address records (A or )" > > because the glue records are not configured in the zone .xx, for > ns3.example.xx and ns4.example.xx > > Are these glue records requiered ? > > I understand that is not. Is this right ? > > Regards, > -- > Sergio R. > ___ > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > -- -Ben Croswell ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: SIBLING GLUE address records (A or AAAA)
Thanks for the answer Ben, I agree. But the problem is if the administrator of zone example.xx decides to change the ip address of the ns3.example.xx and ns4.example.xx, the glue records will be wrong. -- Sergio R. Ben Croswell escribió: > I would imagine the answer will be that they aren't required but would > be helpful. > > Since the parent .xx is delegating to the second-level domains, if you > do glue for all four DNS servers you are preventing a remote DNS server > from having to go to the servers for example.xx to get the A records for > the DNS servers for otherexample.xx. > > > On Mon, Oct 5, 2009 at 3:59 PM, Sergio Ramirez <mailto:srami...@seciu.edu.uy>> wrote: > > Hi, > > In the following example, the authoritive server for > zone .xx has configured the delegations of the zones example.xx > and otherexample.xx: > > example.xx NS ns1.example.xx > example.xx NS ns2.example.xx > ns1.example.xx A 11.22.33.44 > ns2.example.xx A 11.22.33.55 > otherexample.xx NS ns3.example.xx > otherexample.xx NS ns4.example.xx > > the bind report these messages: > > "ns3.example.xx has no SIBLING GLUE address records (A or )" > "ns4.example.xx has no SIBLING GLUE address records (A or )" > > because the glue records are not configured in the zone .xx, for > ns3.example.xx and ns4.example.xx > > Are these glue records requiered ? > > I understand that is not. Is this right ? > > Regards, > -- > Sergio R. > ___ > bind-users mailing list > bind-users@lists.isc.org <mailto:bind-users@lists.isc.org> > https://lists.isc.org/mailman/listinfo/bind-users > > > > > -- > -Ben Croswell ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: SIBLING GLUE address records (A or AAAA)
Sergio Ramirez wrote: > Thanks for the answer Ben, I agree. > But the problem is if the administrator of zone example.xx > decides to change the ip address of the ns3.example.xx and > ns4.example.xx, the glue records will be wrong. That's why is usually a good idea to use nameservers under the domain name being registered, to "allow" the registry to request for the corresponding glue and add it to the parent zone. Kind Regards Sebastian Castro > -- > Sergio R. > > Ben Croswell escribió: >> I would imagine the answer will be that they aren't required but would >> be helpful. >> >> Since the parent .xx is delegating to the second-level domains, if you >> do glue for all four DNS servers you are preventing a remote DNS server >> from having to go to the servers for example.xx to get the A records for >> the DNS servers for otherexample.xx. >> >> >> On Mon, Oct 5, 2009 at 3:59 PM, Sergio Ramirez > <mailto:srami...@seciu.edu.uy>> wrote: >> >> Hi, >> >> In the following example, the authoritive server for >> zone .xx has configured the delegations of the zones example.xx >> and otherexample.xx: >> >> example.xx NS ns1.example.xx >> example.xx NS ns2.example.xx >> ns1.example.xx A 11.22.33.44 >> ns2.example.xx A 11.22.33.55 >> otherexample.xx NS ns3.example.xx >> otherexample.xx NS ns4.example.xx >> >> the bind report these messages: >> >> "ns3.example.xx has no SIBLING GLUE address records (A or )" >> "ns4.example.xx has no SIBLING GLUE address records (A or )" >> >> because the glue records are not configured in the zone .xx, for >> ns3.example.xx and ns4.example.xx >> >> Are these glue records requiered ? >> >> I understand that is not. Is this right ? >> >> Regards, >> -- >> Sergio R. >> ___ >> bind-users mailing list >> bind-users@lists.isc.org <mailto:bind-users@lists.isc.org> >> https://lists.isc.org/mailman/listinfo/bind-users >> >> >> >> >> -- >> -Ben Croswell > ___ > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: SIBLING GLUE address records (A or AAAA)
In message , Sergio Ramirez writes: > Hi, > >In the following example, the authoritive server for > zone .xx has configured the delegations of the zones example.xx > and otherexample.xx: > > example.xx NS ns1.example.xx > example.xx NS ns2.example.xx > ns1.example.xx A 11.22.33.44 > ns2.example.xx A 11.22.33.55 > otherexample.xx NS ns3.example.xx > otherexample.xx NS ns4.example.xx > > the bind report these messages: > > "ns3.example.xx has no SIBLING GLUE address records (A or )" > "ns4.example.xx has no SIBLING GLUE address records (A or )" > > because the glue records are not configured in the zone .xx, for > ns3.example.xx and ns4.example.xx > > Are these glue records requiered ? > > I understand that is not. Is this right ? > > Regards, > -- > Sergio R. > ___ > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users Whether SIBLING GLUE is needed or not depends on what other glue there is. Take this example. The sibling glue is required for the delegation to work. otherexample.xx NS ns3.example.xx otherexample.xx NS ns4.example.xx example.xx NS ns1.otherexample.xx example.xx NS ns2.otherexample.xx There are even more complicated examples that require out of zone glue to work. Working out which glue is accepted is a trade-off between being able to track down bad data and having a delegation work. Named accepts and returns glue that is under the parent. Bad glue is then traceable. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: SIBLING GLUE address records (A or AAAA)
> > On Mon, Oct 5, 2009 at 3:59 PM, Sergio Ramirez > <mailto:srami...@seciu.edu.uy>> wrote: > > example.xx NS ns1.example.xx > > example.xx NS ns2.example.xx > > ns1.example.xx A 11.22.33.44 > > ns2.example.xx A 11.22.33.55 > > otherexample.xx NS ns3.example.xx > > otherexample.xx NS ns4.example.xx > > > > the bind report these messages: > > > > "ns3.example.xx has no SIBLING GLUE address records (A or )" > > "ns4.example.xx has no SIBLING GLUE address records (A or )" > > > > because the glue records are not configured in the zone .xx, for > > ns3.example.xx and ns4.example.xx > > > > Are these glue records requiered ? > Ben Croswell escribió: > > Since the parent .xx is delegating to the second-level domains, if you > > do glue for all four DNS servers you are preventing a remote DNS server > > from having to go to the servers for example.xx to get the A records for > > the DNS servers for otherexample.xx. On 05.10.09 18:30, Sergio Ramirez wrote: > But the problem is if the administrator of zone example.xx > decides to change the ip address of the ns3.example.xx and > ns4.example.xx, the glue records will be wrong. otoh, if the administrator of example.xx decides to remove ns3 and ns4, otherexample.xx won't be able to resolve. Imho, the sibling glue records are bad, just because of your example. They should not be put in domain - only example.xx maintainer should be allowed to put glue records for example.xx into the .xx zone and only when they are used for .xx zone. And imho, domains should not be registered on servers that do not have their glue records in the proper zone, .xx or other. That would spare servers from many useless lookups. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Nothing is fool-proof to a talented fool. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
