[H-SASIG] Move of Excalibur

[Raymond Smith]

Folks:

2010/1/1 Russell Stuart <russell-humbug at stuart.id.au>:
> On Fri, 2010-01-01 at 03:02 -0500, Robert Brockway wrote:
>> The glue record is really just an A record in the parent zone file, so the
>> TTL of the parent zone applies.
>
> There is no doubt clients who read the glue record get the glue record's
> TTL.  But the question is when if ever, is the glue record itself
> updated in the parent zone.  My guess is the glue record is treated as
> authoritative, and thus never times out.

Glue records are under the control of the delegating domain. Nothing
we do in our zone file for humbug.org.au can affect the glue records,
you must modify them in the delegating domain[1]. In our case, that
means going through a registra to get the glue in .org.au
appropriately updated.

When I last did this, many moons ago, it was a simple matter of
logging into the Registra's website with the "domain password/key" and
updating the name server entries. It sounds like Russell has tried to
do this, but for some reason Enetica is not updating the glue record.
It could mean anything. Perhaps Enetica has humans verify changes to
glue records? A phone call is probably required.

It may be best to get Mark Suter to do this as he is the listed
technical contact.

Incidentally -- I think a better setup would be to list ns2 and ns16
for our domains and omit all humbug.org.au names servers. This assumes
that zoneedit.com can be told to pull its zone from a master based on
IP address. That way you do not need to care about glue records at
all.

Cheers,

Raymond
[1] This is borne out by _DNS and Bind_ 3rd Edition (ISBN
1-56592-512-2) which shows an example where fx.moves.com. has its sole
name server ns1.fx.movies.com. with glue records in the moves.com.
zone.  See also
http://neuralfibre.com/paul/it/dns-ns-records-are-not-glue-records-or-how-to-break-your-dns-delegation