Re: [DNSOP] DNS Terminology: Glue
Casey Deccio <casey@deccio.net> Sat, 14 March 2015 02:22 UTC
Return-Path: <casey@deccio.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 09DAB1A8793 for <dnsop@ietfa.amsl.com>; Fri, 13 Mar 2015 19:22:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.378
X-Spam-Level:
X-Spam-Status: No, score=-1.378 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vegWTzPB1aBV for <dnsop@ietfa.amsl.com>; Fri, 13 Mar 2015 19:22:12 -0700 (PDT)
Received: from mail-ig0-x22c.google.com (mail-ig0-x22c.google.com [IPv6:2607:f8b0:4001:c05::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EC2031A882A for <dnsop@ietf.org>; Fri, 13 Mar 2015 19:22:06 -0700 (PDT)
Received: by igbue6 with SMTP id ue6so846815igb.1 for <dnsop@ietf.org>; Fri, 13 Mar 2015 19:22:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=deccio.net; s=google; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=PAa+aMzPD/O+EkM2BFy9sfFUl8Pl0nfzMHBtnOy7118=; b=H3FcOsjvA2ZR5Rq5pkI4PDeIxxFwxNluBoTa9xFaWTXMfK+js/cbZNUEZ5iroql9cE cD+8Mp5FNwlVP2spnUQljIGL9bWsoJvNVOneUDIh5XL1KVQNUSnpbzk3v6LiCw+a6KRF cmGBlxxncbwlBVJ22Lm1P+a3AKtTQuLSq3IL4=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=PAa+aMzPD/O+EkM2BFy9sfFUl8Pl0nfzMHBtnOy7118=; b=TN7I0anKwDKL+B2awQ5uuBQFDVlJxsDIwVq7eQ2r79f9i7Egzrj8BpJh5IN5DrjfJA lJnETZuKUy+GMP5AmQVY6M7xwEIhj0SMVRgoYErNkuVOfZy+uHk/Fgf9LQF15PAnOlcY n0R13rtOLuvY3HWSL+wNpGCJjhVJJmryNIQuQGoSE2WVOINaWnY7N8DetbpwDb1pn5xW MuBBhoaX1lHTihaeJMBf9+TINrM0OKlKAW0uZ3SJC5YkkfIwTSi+ZUSnWdnQz5P80u5I 3wCDwRl9FJsi/6mPrw0DOCraJ2k592oaxQWs3Mj+/J4DikDQqifY24JMjhfwoKV9EMzK GQFQ==
X-Gm-Message-State: ALoCoQmE54v6gKvKu0PmfiN47iLBQP471OZx4jLtgEDkxS/PvgvotFo2Y+uxftpagpUIXhwOTqwW
MIME-Version: 1.0
X-Received: by 10.50.78.131 with SMTP id b3mr115672486igx.0.1426299726321; Fri, 13 Mar 2015 19:22:06 -0700 (PDT)
Received: by 10.50.57.233 with HTTP; Fri, 13 Mar 2015 19:22:06 -0700 (PDT)
In-Reply-To: <93BB91D1-DECD-4445-AA82-395BBC19375C@vpnc.org>
References: <m2vbi6ju6z.wl-Niall.oReilly@ucd.ie> <915A7EEB-CA46-41DC-AAC1-1B26E5BB227C@vpnc.org> <E63D7C23-577C-4AA1-BE00-F90BD9E6E64E@blipp.com> <alpine.LSU.2.00.1503121758100.23307@hermes-1.csi.cam.ac.uk> <D3D9B423-8A7A-4703-882A-12DE4CB490C0@vpnc.org> <CAEKtLiS5PyMhEwUK7jY_CKSDYr+UOtD3cp_6JDLp6cSuN_DkQA@mail.gmail.com> <93BB91D1-DECD-4445-AA82-395BBC19375C@vpnc.org>
Date: Fri, 13 Mar 2015 22:22:06 -0400
Message-ID: <CAEKtLiSFQLNHUVo86=sryYoh1+FSJ5ZrReE=L2Y1sCE1+Mdy3w@mail.gmail.com>
From: Casey Deccio <casey@deccio.net>
To: Paul Hoffman <paul.hoffman@vpnc.org>
Content-Type: multipart/alternative; boundary="089e0111d15687f95105113648a2"
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/AREPS324-YNOSFT3WmJuDw9fTE8>
Cc: IETF DNSOP WG <dnsop@ietf.org>
Subject: Re: [DNSOP] DNS Terminology: Glue
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Mar 2015 02:22:14 -0000
On Fri, Mar 13, 2015 at 7:00 PM, Paul Hoffman <paul.hoffman@vpnc.org> wrote: > Casey noticing the updated, wider definition in 2181 kinda throws a wrench > into the "what is not glue" discussion. Here is a proposed update to the > draft that includes both definitions and discusses the ramifications of the > update. > > Glue records -- Resource records which are not part of the > authoritative data [for a zone], and are address resource records for > the servers [in a subzone]. These RRs are only necessary if the name > server's name is "below" the cut, and are only used as part of a > referral response. (Definition from RFC 1034, section 4.2.1) > > A later definition is that glue "includes any record in a zone file > that is not properly part of that zone, including nameserver records > of delegated sub-zones (NS records), address records that accompany > those NS records (A, AAAA, etc), and any other stray data that might > appear". (Definition from RFC 2181, section 5.4.1) This definition > in RFC 2181 is wider than the one from RFC 1034, and bases the > definition on the contents of a zone file. Some implementers might > only be thinking about the earlier definition when they see rules > about glue records. > In the spirit of the statement (from the terminology draft): "Some of the definitions differ from earlier RFCs, and those differences are noted." I think noting the definitions in the two RFCs is good, but additional clarity is necessary to avoid perpetuating further confusion. The RFC 2181 definition of glue is under the section clarifying rules for "Data ranking". Whether it is attempting to restate the definition of glue generally or define glue for the the scope of this section/document alone, that is not the focus of the section. Anyway, this is clearly at odds with RFC 1034's definition. For example, RFC 1034 states that "[glue] RRs are only necessary..."--but delegation NS records are always necessary (i.e., there is no "if..."). Also, the RFC 1034 (section 4.2.1) text immediately preceding that quoted in the "Glue records" states: "In particular, if the name of the name server is itself in the subzone, we could be faced with the situation where the NS RRs tell us that in order to learn a name server's address, we should contact the server using the address we wish to learn. To fix this problem, a zone contains 'glue' RRs...". Understanding the motivation for glue helps us understand the definition of glue, which is clearly for the address records. Here is some proposed rewording that attempts to capture that: Glue records -- Records "which are not part of the authoritative data [for a zone], and are address resource records for the servers [in a subzone]. These RRs are only necessary if the name server's name is "below" the cut, and are only used as part of a referral response. Without glue "we could be faced with the situation where the NS RRs tell us that in order to learn a name server's address, we should contact the server using the address we wish to learn." (Definition from RFC 1034, section 4.2.1) The term "glue" is sometimes incorrectly used to refer to other resource records that are related to a delegation, such as address records included with a referral which are not strictly necessary due to the server's domain name falling below the zone cut, delegation or authoritative name server (NS) records (i.e., above or below the zone cut), or delegation signer (DS) records. RFC 2181 (section 5.4.1) denotes glue as "any record in a zone file that is not properly part of that zone, including nameserver records of delegated sub-zones (NS records), address records that accompany those NS records (A, AAAA, etc), and any other stray data that might appear". This definition is explicitly applied to the use of the term within the document itself. However, its application beyond the document is questionable because of its contrast with both the motivation for an definition of glue in RFC 1034. Regards, Casey
- Re: [DNSOP] DNS Terminology: Glue Casey Deccio
- [DNSOP] DNS Terminology: Glue Niall O'Reilly
- Re: [DNSOP] DNS Terminology: Glue Zheng
- Re: [DNSOP] DNS Terminology: Glue Phillip Hallam-Baker
- Re: [DNSOP] DNS Terminology: Glue Paul Hoffman
- Re: [DNSOP] DNS Terminology: Glue Phillip Hallam-Baker
- Re: [DNSOP] DNS Terminology: Glue Paul Hoffman
- Re: [DNSOP] DNS Terminology: Glue Paul Hoffman
- Re: [DNSOP] DNS Terminology: Glue Patrik Wallström
- Re: [DNSOP] DNS Terminology: Glue Tony Finch
- Re: [DNSOP] DNS Terminology: Glue Paul Hoffman
- Re: [DNSOP] DNS Terminology: Glue Tim Wicinski
- Re: [DNSOP] DNS Terminology: Glue Niall O'Reilly
- Re: [DNSOP] DNS Terminology: Glue Shumon Huque
- Re: [DNSOP] DNS Terminology: Glue Paul Hoffman
- Re: [DNSOP] DNS Terminology: Glue Tony Finch
- Re: [DNSOP] DNS Terminology: Glue Shumon Huque
- Re: [DNSOP] DNS Terminology: Glue Evan Hunt
- Re: [DNSOP] DNS Terminology: Glue Paul Hoffman
- Re: [DNSOP] DNS Terminology: Glue Shumon Huque
- Re: [DNSOP] DNS Terminology: Glue Tim Wicinski
- Re: [DNSOP] DNS Terminology: Glue Edward Lewis
- Re: [DNSOP] DNS Terminology: Glue Edward Lewis
- Re: [DNSOP] DNS Terminology: Glue Paul Hoffman
- Re: [DNSOP] DNS Terminology: Glue Casey Deccio
- Re: [DNSOP] DNS Terminology: Glue Casey Deccio
- Re: [DNSOP] DNS Terminology: Glue Shumon Huque
- Re: [DNSOP] DNS Terminology: Glue Tony Finch
- Re: [DNSOP] DNS Terminology: Glue Casey Deccio
- Re: [DNSOP] DNS Terminology: Glue Paul Hoffman