No authority for serving glue records.
Kevin Darcy
kcd at daimlerchrysler.com
Wed Jan 29 19:10:14 UTC 2003
Pawel Rogocz wrote:
>Hi,
>I have a qustion about bind behavior when it encounters glue records
>outside of authority of the currently queried server.
>Let's say I am trying to resolve time.com
>so at some point I am talking to one of the authoritative servers
>for .com, as I follow the delegation from root servers:
>
>$ dig time.com @H.GTLD-SERVERS.NET
>
>;; AUTHORITY SECTION:
>time.com. 172800 IN NS NS.PATHFINDER.com.
>time.com. 172800 IN NS NS2.PATHFINDER.com.
>time.com. 172800 IN NS NS3.TIMEINC.NET.
>time.com. 172800 IN NS NS4.TIMEINC.NET.
>
>;; ADDITIONAL SECTION:
>NS.PATHFINDER.com. 172800 IN A 209.251.208.19
>NS2.PATHFINDER.com. 172800 IN A 209.251.208.20
>NS3.TIMEINC.NET. 172800 IN A 205.188.238.92
>NS4.TIMEINC.NET. 172800 IN A 205.188.238.156
>
>
>so the server gives me four glue records, but it has no authority for
>two of them at they are outside .com.
>
>What the next step is going to be ?
>Putting the original query on hold and try to resolve names from .net,
>or it will go ahead and try to use one of the two "good ones" possibly
>ignoring the other two ? What if the servers in .com are not reachable,
>will ever try to use the .net servers ?
>
It'll use whatever glue it gets without discriminating by TLD. If it
encounters better, more "credible" information about the relevant names,
it'll overwrite whatever glue records it may have cached.
- Kevin
More information about the bind-users
mailing list