IETF Logo Mail Archive

Re: [DNSOP] DNS Terminology: Glue

Tony Finch <dot@dotat.at> Fri, 13 March 2015 16:05 UTC

Return-Path: <fanf2@hermes.cam.ac.uk>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 507C71A8AB3 for <dnsop@ietfa.amsl.com>; Fri, 13 Mar 2015 09:05:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.211
X-Spam-Level:
X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3NaXQMwkpQyM for <dnsop@ietfa.amsl.com>; Fri, 13 Mar 2015 09:05:37 -0700 (PDT)
Received: from ppsw-50.csi.cam.ac.uk (ppsw-50.csi.cam.ac.uk [131.111.8.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CD1E71A8ADE for <dnsop@ietf.org>; Fri, 13 Mar 2015 09:05:27 -0700 (PDT)
X-Cam-AntiVirus: no malware found
X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/
Received: from hermes-1.csi.cam.ac.uk ([131.111.8.51]:35540) by ppsw-50.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.158]:25) with esmtpa (EXTERNAL:fanf2) id 1YWS5V-0001ea-pn (Exim 4.82_3-c0e5623) (return-path <fanf2@hermes.cam.ac.uk>); Fri, 13 Mar 2015 16:05:25 +0000
Received: from fanf2 by hermes-1.csi.cam.ac.uk (hermes.cam.ac.uk) with local id 1YWS5U-000393-V7 (Exim 4.72) (return-path <fanf2@hermes.cam.ac.uk>); Fri, 13 Mar 2015 16:05:24 +0000
Date: Fri, 13 Mar 2015 16:05:24 +0000
From: Tony Finch <dot@dotat.at>
X-X-Sender: fanf2@hermes-1.csi.cam.ac.uk
To: Shumon Huque <shuque@gmail.com>
In-Reply-To: <CAHPuVdXaNT7-_53WcMnb1DsfePN=XfER0oFV_5AAWjPmBpCTYA@mail.gmail.com>
Message-ID: <alpine.LSU.2.00.1503131555230.10193@hermes-1.csi.cam.ac.uk>
References: <m2vbi6ju6z.wl-Niall.oReilly@ucd.ie> <915A7EEB-CA46-41DC-AAC1-1B26E5BB227C@vpnc.org> <CAHPuVdXaNT7-_53WcMnb1DsfePN=XfER0oFV_5AAWjPmBpCTYA@mail.gmail.com>
User-Agent: Alpine 2.00 (LSU 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Sender: Tony Finch <fanf2@hermes.cam.ac.uk>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/N5PDBgbGSoQNWGb7LSh4fm4Axq0>
Cc: IETF DNSOP WG <dnsop@ietf.org>, Paul Hoffman <paul.hoffman@vpnc.org>
Subject: Re: [DNSOP] DNS Terminology: Glue
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Mar 2015 16:05:39 -0000

Shumon Huque <shuque@gmail.com> wrote:
>
> It might be worth also clarifying another thing. The definition states
> "These RRs are only necessary if", but doesn't clearly include or
> exclude the possibility that other address records for NS names that
> don't sit below the zone cut, and were gratuitously provided in the
> referral response, qualify to be called 'glue'. I think they should not
> be called glue (they don't meet my intuitive understanding of the
> meaning of 'glue', as gluing up a hole in the resolution path). But
> clarity on this point would be welcome.

In the additional section of a referral, address records for name servers
that are not in the delegated zone are not glue records. This is implied
by RFC 1034 section 4.3.2:

            Copy the NS RRs for the subzone into the authority
            section of the reply.  Put whatever addresses are
            available into the additional section, using glue RRs
            if the addresses are not available from authoritative
            data or the cache.  Go to step 4.

Section 4.2.1 classifies zone data into authoritative data, apex
authoritative data, delegations, and glue, and says glue is
non-authoritative. It also says glue records are only used as part of a
referral response, which is not the case for authoritative name server
address records.

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
Fair Isle, Faeroes, Southeast Iceland: Southerly 5 to 7, occasionally gale 8
in Faeroes, and occasionally severe gale 9 in Southeast Iceland. Very rough or
high, occasionally very high later in Southeast Iceland. Occasional rain, fair
for a time. Moderate or poor, occasionally good.

v2.23.0 | Report a Bug | By Email