2

Let me explain.

For example, you have a site, site.com, and on the domain provider service, you decide you want to have your own nameservers, and enter the new addresses.

You decide to let these nameservers have domain names, ns.site.com.

Now what happens if a client wants to resolve my.site.com, as far as i understand it, it (client and/or recursive DNS servers) will ask for authority for the second level domain record of site.com, pick the NS name from it, and resolve that to contact it.

Now we have set the nameserver to ns.site.com, which lays in it's own domain... wait, that's recursive.

This is exactly what I think could be a problem, how is it solved in the real world? Does/did this ever happen?

Shadowjonathan
  • 453
  • 4
  • 7

1 Answers1

1

From a nice post on serverfault

A glue record is a term for a record that's served by a DNS server that's not authoritative for the zone, to avoid a condition of impossible dependencies for a DNS zone.

Say I own a DNS zone for example.com. I want to have DNS servers that're hosting the authoritative zone for this domain so that I can actually use it - adding records for the root of the domain, www, mail, etc. So, I put the name servers in the registration to delegate to them - those are always names, so we'll put in ns1.example.com and ns2.example.com.

There's the trick. The TLD's servers will delegate to the DNS servers in the whois record - but they're within example.com. They try to find ns1.example.com, ask the .com servers, and get referred back to... ns1.example.com.

What glue records do is to allow the TLD's servers to send extra information in their response to the query for the example.com zone - to send the IP address that's configured for the name servers, too. It's not authoritative, but it's a pointer to the authoritative servers, allowing for the loop to be resolved.

Federico Galli
  • 908
  • 6
  • 16