Path: vixie!Pa.dec.com!bind-redist-request From: hubert@cac.washington.edu (Steve Hubert) Newsgroups: local.mail.dns.bind Subject: Re: When and why to use glue (was glue) Date: 2 Mar 1994 10:52:01 -0800 Organization: A blearily-installed InterNetNews site Lines: 43 Sender: daemon@vix.com Distribution: local Message-ID: X-To: info-bind@uunet.uu.net X-In-Reply-To: <2l2b0j$463@lastactionhero.rs.itd.umich.edu> X-Content-Type: TEXT/PLAIN; charset=US-ASCII On 2 Mar 1994, Bryan Beecher wrote: > hamjavar@unm.edu (Farid Hamjavar) asks: > > > >What's the rule [ for glue ] ? > > A glue record is an A record for a name that appears on the right-hand side > of a NS record. So, if I have this: > > itd.umich.edu. IN NS dns2.itd.umich.edu. > dns2.itd.umich.edu. IN A 141.211.164.3 > > then the second record is a glue record (for the NS record above it). > > You need glue records when -- and only when -- you are delegating authority > to a nameserver that "lives" in the domain you are delegating. In other > words, in the example above, I need to add an A record for dns2.itd.umich.edu > since it "lives" in the domain it serves. This boot-strapping information > is necessary: How am I supposed to find out the IP address of the nameserver > for domain FOO if the nameserver for FOO "lives" in FOO? Bryan's analysis is right on the mark as always. I hope I'm not just muddying the waters by mentioning this, but I've found the information useful. There is also a sort of implicit glue record that can be useful (or confusing). If the parent server (itd.umich.edu domain in example above) is a secondary server for the child, then the A record will be fetched from the child server when the zone transfer is done. The glue is still there but it's a little different, it's in the ip address in the named.boot line instead of explicitly in the data. In this case (common for us) you can leave out the explicit glue A record and leave the manually configured "glue" in just the one place in the named.boot file. So, a slightly revised rule for when you need a glue record is: You need glue records when -- and only when -- you are delegating authority to a nameserver that "lives" in the domain you are delegating *and* you aren't a secondary server for that domain. (Hope this helps more than hurts.) Steve Hubert Networks and Distributed Computing, Univ. of Washington, Seattle