4

I have somedomain.com registered with Namecheap, and have successfully set up A records for ns1.somedomain.com and ns2.somedomain.com to be used as nameservers for other domains.

I have otherdomain.me registered with Godaddy. When I go into Godaddy's interface and tell otherdomain.me that its nameservers are going to be ns1.somedomain.com and ns2.somedomain.com, Godaddy's interface complains that those nameservers are not registered.

And indeed, if I go back to namecheap's "Nameserver registration" section and give it the IP addresses of ns1.somedomain.com and ns2.somedomain.com, Godaddy will then allow me to assign those nameservers to otherdomain.me without issue.

So I guess my question is twofold:

  1. Amy I correct in assuming that "Nameserver registration" is simply the friendlier term for creating glue records?

  2. If so, and given that glue records are supposed to be used to resolve circular dependencies (which I do not have), have major registrars perverted the purpose of glue records - turning them into a global database of "permitted" nameservers?

Nathan O'Sullivan
  • 460
  • 3
  • 12
  • 3
    Isn't it possible that GoDaddy simply could not resolve your `ns[12].somedomain.com` servers until you added the necessary glue records? – Steven Monday Apr 06 '11 at 01:21
  • Its possible GoDaddy could not resolve them I suppose, but they do resolve for me and one would expect a different message like "unable to resolve ns1.somedomain.com" – Nathan O'Sullivan Apr 06 '11 at 06:30

4 Answers4

2

Point 1 - Yes it is just another term, which merely adds unecessary confusion.

Point 2 - In addition to the A records each nameserver also needs to have a glue record. Seems like you simply missed that step until prompted to do so by the GoDaddy system. This comes under the heading of expected behaviour.

John Gardeniers
  • 27,458
  • 12
  • 55
  • 109
  • 1
    But *why* is it expected behaviour? Everything I've read about glue records says they exist to resolve circular dependencies (declaring ns1.mycompany.com and ns2.mycompany.com as the nameservers for mycompany.com) - my setup is not circular, so why would glue records be required? – Nathan O'Sullivan Apr 06 '11 at 06:29
  • @Nathan, the DNS system requires glue records. It's a simple as that. While you may not have any problems now, or at least none you are aware of (the GoDaddy system suggests otherwise), that doesn't mean they won't occur later, when things change. – John Gardeniers Apr 06 '11 at 08:12
  • 2
    This site is not Internet for Dummies. Everything has a reason, even if its just that an RFC says so. RFC1912 for example says the same thing as me - "Glue records are required only in forward zone files for nameservers that are located in the subdomain of the current zone that is being delegated." I have no idea who you are and "because I say so" is not an appropriate answer unless you authored the relevant specifications. – Nathan O'Sullivan Apr 06 '11 at 21:28
  • 1
    @Nathan, nowhere did I say "because I say so". If that's how you read it maybe you should read it again, properly this time. – John Gardeniers Apr 06 '11 at 21:41
2

Amy I correct in assuming that "Nameserver registration" is simply the friendlier term for creating glue records?

Indirectly, yes. You're really creating a host object in the registry which may or may not be used to create a glue record.

The EPP protocol does not strictly require an IP address when creating a host, but follows with:

"Hosts provisioned as name servers might be subject to server-operator
policies that require or prohibit specification of IP addresses,
depending on the name of the host and the namespace in which the server will be used as a name server."

However, to your point about not requiring IPs if glue is not necessary:

When provisioned for use as a name server, IP addresses are REQUIRED only as needed to produce DNS glue records. For example, if the server is authoritative for the "com" namespace and the name of the server is "ns1.example.net", the server is not required to produce DNS glue records for the name server, and IP addresses for the server are not required by the DNS.

For resolution it is not strictly necessary for the .me registry to require IPs for out-of-bailiwick nameservers, such as those in .com. I'm not clear on whether "server-operator policies" supersede that.

Whether or not the IP you provide for the host object creation is used as glue may also be determined by the nameserver software the registry is running. For example, BIND 8 will provide out-of-bailiwick glue while BIND 9 will not.

It may also be possible that the registry wants the IP by default but will not include out-of-bailiwick host records in the zone. Or that the registrar (godaddy) requires the IP address but only submits it to the registry as needed; this may be the case since godaddy deals with multiple registries, and it's just easier to always ask for the IPs. I don't really see that as a perversion. Maybe they're just trying to keep things simple on their side.

So, yeah, to answer your title question: A registrar asking for IPs to create out-of-bailiwick nameservers is not strictly necessary, but it may not be their fault.

Community
  • 1
Cakemox
  • 25,209
  • 6
  • 44
  • 67
1

The point of the glue record in this case is to allow the response for your domain (foo.me IN NS ns1.foo.com) to also include an additional record (ns1.foo.com IN A 1.2.3.4). Otherwise, you'd require at least one extra DNS transaction of every client (and realistically at least two on a client without any cache), which gets to be expensive. Depending on the policies of the TLD in question, glue records even for out-of-TLD domains may or may not therefore be required, just to reduce load on the TLD NSes. GoDaddy probably figured it was easier to just always require them, since it both prevents a situation where they violate a registrar agreement if the TLD's policy changes, and it also tends to speed access to customer sites.

Win-win, until you came along and complained. ;)

BMDan
  • 7,249
  • 2
  • 23
  • 34
1

  1. No, Name Registration is the Registrar creating an NS record for your domain in the TDL. For exmaple.com, they would create the "example" NS record in the COM domain. An NS record must point to another DNS server, if that DNS server is within the scope of the new domain, then it would create a circular dependancy (looking up example.com would point to example.com). To break this pattern Glue Records were introduced which allow TDLs to resolve name servers; the NS record for example.com would point to something like ns1.example.com, which the COM domain knows by a glue record points to IP 1.2.3.4 (all just examples).

    By extension, if your name servers exist in a domain other than the one you are registering then you don't need glue records. For instance, if domain.com was hosting the DNS for example.com then the NS for example.com would point to ns1.domain.com. The glue records for domain.com would then be used and you would not need additional records for example.com

  2. No, and you're venturing off into conspiracy theorist nut-job land. GoDaddy (and all domain registers I know of) will allow you to add as many glue records as you reasonably want (free too). I personally use GoDaddy, I have registered glue records with them, free, and it's not terribly complicate (although they do not call them glue records for whatever reason).

Chris S
  • 77,945
  • 11
  • 124
  • 216