IETF Logo Mail Archive

Re: [DNSOP] DNS Terminology: Glue

Shumon Huque <shuque@gmail.com> Fri, 13 March 2015 16:21 UTC

Return-Path: <shuque@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A51DE1A901C for <dnsop@ietfa.amsl.com>; Fri, 13 Mar 2015 09:21:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OP1vluB_f6V8 for <dnsop@ietfa.amsl.com>; Fri, 13 Mar 2015 09:21:21 -0700 (PDT)
Received: from mail-qg0-x22b.google.com (mail-qg0-x22b.google.com [IPv6:2607:f8b0:400d:c04::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BA72A1A900A for <dnsop@ietf.org>; Fri, 13 Mar 2015 09:21:20 -0700 (PDT)
Received: by qgfl89 with SMTP id l89so27082174qgf.11 for <dnsop@ietf.org>; Fri, 13 Mar 2015 09:21:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:reply-to:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=1L9eqhGz38dhjvrav9zXrIlVyV+Kdhem7Gky0BuaKHc=; b=lLGOH9EqPTRKZ9oB53eDowP9UTTFSSml4SklXZMHHt6j8vco7XXCRFgEnCm3fIvc6V mzZEGFW+uHgZBDAwP25ccGjb9wYoddO+1A+UIzUseHAXw/ivYH/j10wdMcmwko9UtCWa 6X5KtwYFMfyd1UiQJBFiZgVWwMCna5ns2Bn4jD0iQ01qhUk+lyb9I6gGvxGfrF357Z0Y n/odUinLt0owpRkmkZqzwT1nGHs1D28nmjRJR25VWc+605Dqqa5SdzYnvvtBP7hbgCOA omqU5C/FqoqpEyQ1wKGBYqM0yrrhZ+opRAxDNMWL5PLM+NX2WMxg2VqjZnIdsHWJ9xl/ zmWg==
MIME-Version: 1.0
X-Received: by 10.140.38.197 with SMTP id t63mr59290530qgt.61.1426263679928; Fri, 13 Mar 2015 09:21:19 -0700 (PDT)
Received: by 10.140.94.105 with HTTP; Fri, 13 Mar 2015 09:21:19 -0700 (PDT)
In-Reply-To: <alpine.LSU.2.00.1503131555230.10193@hermes-1.csi.cam.ac.uk>
References: <m2vbi6ju6z.wl-Niall.oReilly@ucd.ie> <915A7EEB-CA46-41DC-AAC1-1B26E5BB227C@vpnc.org> <CAHPuVdXaNT7-_53WcMnb1DsfePN=XfER0oFV_5AAWjPmBpCTYA@mail.gmail.com> <alpine.LSU.2.00.1503131555230.10193@hermes-1.csi.cam.ac.uk>
Date: Fri, 13 Mar 2015 12:21:19 -0400
Message-ID: <CAHPuVdX+z=HvCpT+9+D81W0UP9x2nDej_pVhp8-Hg-gX_a2XDg@mail.gmail.com>
From: Shumon Huque <shuque@gmail.com>
To: Tony Finch <dot@dotat.at>
Content-Type: multipart/alternative; boundary="001a11c12986ff8d1905112de302"
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/sv_yTd63AaYZkNLBFc154qwxmzo>
Cc: IETF DNSOP WG <dnsop@ietf.org>, Paul Hoffman <paul.hoffman@vpnc.org>
Subject: Re: [DNSOP] DNS Terminology: Glue
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: shuque@gmail.com
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Mar 2015 16:21:22 -0000

On Fri, Mar 13, 2015 at 12:05 PM, Tony Finch <dot@dotat.at> wrote:

> Shumon Huque <shuque@gmail.com> wrote:
> >
> > It might be worth also clarifying another thing. The definition states
> > "These RRs are only necessary if", but doesn't clearly include or
> > exclude the possibility that other address records for NS names that
> > don't sit below the zone cut, and were gratuitously provided in the
> > referral response, qualify to be called 'glue'. I think they should not
> > be called glue (they don't meet my intuitive understanding of the
> > meaning of 'glue', as gluing up a hole in the resolution path). But
> > clarity on this point would be welcome.
>
> In the additional section of a referral, address records for name servers
> that are not in the delegated zone are not glue records. This is implied
> by RFC 1034 section 4.3.2:
>
>             Copy the NS RRs for the subzone into the authority
>             section of the reply.  Put whatever addresses are
>             available into the additional section, using glue RRs
>             if the addresses are not available from authoritative
>             data or the cache.  Go to step 4.
>

Ah, right. I see the implication. That's good. What I'd like to see is
something
clearer than the implication in the terminology draft definition. After
all, one
of the goals is to clear up confusion about the terms.


>
> Section 4.2.1 classifies zone data into authoritative data, apex
> authoritative data, delegations, and glue, and says glue is
> non-authoritative. It also says glue records are only used as part of a
> referral response, which is not the case for authoritative name server
> address records.


But a nameserver could also return a referral with address records that
aren't glue, but that they also aren't authoritative for (that sit in some
other
zone) - I believe these exist in the wild. I'm okay with not having a name
for such things (Paul's desire), but it would be nice to definitively
exclude
them from the definition of glue records.

Shumon Huque.

v2.23.0 | Report a Bug | By Email