nameserver registration

[David Miller]

On 6/18/2011 12:24 PM, Lyle Giese wrote:
> On 06/18/11 09:30, Jorg W. wrote:
>> Greetings,
>>
>> given my domain name is example.net, and my NS servers for 
>> example.net are:
>>
>> ns1.example.com
>> ns2.example.com
>>
>> But, example.com itself's NS servers are the registrator's (for
>> example, godaddy's).
>>
>> Under this case, I don't need any glue for ns[1-2].example.com.
>> But why I still need to register them in the .com NS servers?
>>
>> Thanks.
>>
>
> You are wrong.  You do need glue records.  Glue records registers the 
> ip address of your name server(s) with the root name servers.

Only TLDs/ccTLDs (com., org., xxx., etc.) insert name servers and glue 
into the root name servers.  All second level domains (example.com., 
example.net., etc.) insert name servers and glue into their parent 
TLD/ccTLD's name servers.

To be clear:
"name servers" are NS records
"glue records" are A/AAAA records that point to IPv4/IPv6 addresses for 
hostnames that are name servers.

>
> In this case the glue records are associated with ns1 and 
> ns2.example.com.  The name servers need to be registered with the 
> domain registrar for example.com and forwarded as glue records to the 
> root name servers for .com.

Root in DNS terms is ".".   Better to say "to the authoritative DNS 
servers for .com." or just "TLD/ccTLD name servers".

>
> Godaddy is a domain name registrar and does not run any root name 
> servers.  However, it is the responsibility of the domain name 
> registrars to make sure proper glue records are maintained for any/all 
> name servers used with a domain registered with them.

All domains, at every level, have to configure their records such that 
the tree can be walked from root to their domain.

Follow the "."s.

For: this.long.chain.example.com.

com. must be delegated by .
example.com. must be delegated by com.
chain.example.com. must be delegated by example.com.
long.chain.example.com. must be delegated by chain.example.com.
this.long.chain.example.com. must be delegated by long.chain.example.com.

The wikipedia article on DNS is quite good:  
http://en.wikipedia.org/wiki/Domain_Name_System

In the particular case of the OP - example.net. has name servers under 
example.com.

To make lookups for records under example.net., resolvers walk the tree 
from "." to "net." and get NS records - ns1.example.com. and 
ns2.example.com.

You can't insert glue records into net. for name servers that exist 
under com., so now resolvers walk the tree from "." to "com." to get the 
name servers for example.com. which in the OP's case are - GoDaddy name 
servers.

If there are no glue records in com. for ns1.example.com. and 
ns2.example.com., then resolvers will just ask the authoritative name 
servers for example.com. (which in the OP's case are - GoDaddy name 
servers) for the A/AAAA records for ns1.example.com. and 
ns2.example.com.  If the GoDaddy name servers provide A/AAAA records for 
ns1.example.com. and ns2.example.com., then resolution works and 
everyone is happy.

Glue is only required if that is the only way to traverse the tree to 
get to the IP addresses for the name servers for a domain.

Can someone point to an RFC or BCP that says that *all* name servers 
*must* have glue present in their parent?

-DMM