Understanding DNS Glue Records
Quick Definition: A DNS glue record is a type of DNS record used to resolve situations where the name server for a domain is located within the domain itself. DNS glue records help prevent infinite loops during DNS resolution by listing a nameserver’s associated IP address.
Whether you are new to networking or you’ve been in the industry a while, DNS (Domain Name System) can be a point of frustration. With terms like A records and TTL (time to live), there’s a lot to learn about DNS. One small mistake can have a drastic impact, so it's important to know what you’re dealing with.
The component of the Domain Name System we’ll focus on today is called DNS glue records, which are also sometimes known simply as additional records. In short, glue records help prevent infinite loops during DNS resolution.
Understanding Glue Records in DNS
DNS resolution involves one system sending a query to another, often a few different systems, to determine the IP address of and route to the intended host. While the process is relatively simple, there is a chance that the DNS resolution can enter a never-ending loop when it encounters the authoritative nameserver.
DNS glue records help prevent that by providing enough additional information to exit the loop; hence, they are also referred to as additional records.
Let’s look at an example. You just set up your own site with a domain called “yournetwork.com,” and you are using nameservers “ns1.yournetwork.com” and “ns2.yournetwork.com”. Throughout the DNS resolution process, ns1.yournetwork.com needs to resolve yournetwork.com, which would loop back to ns1.yournetwork.com to resolve, thus creating our loop.
This is where DNS glue records come into play. During the DNS resolution process, glue records provide the IP addresses for ns1.yournetwork.com and ns2.yournetwork.com, which eliminates the need to resolve the nameservers again. While glue records are not necessarily mandatory, they are crucial to avoid infinite loops during DNS resolution for domains with nameservers on the same domain.
Verifying DNS Glue Records
So now that we know these glue records or additional records exist, how do we view them? How can we verify the most current glue records? If you’re looking for glue records on domains you don’t manage, an easy way involves a quick command line entry. Type the following and hit enter:
dig +trace +additional Google.com SOAYou should get a relatively large response, but the information we are looking for should be near the bottom of the results. You should have nameservers on the left, an indication of whether it’s an A record or AAAA record in the middle, followed by an IP address on the right.
If you are looking for existing glue records for a domain you own or manage, or you want to add glue records for a domain you own or manage, you can do so from the graphical user interface (GUI) of your domain registrar’s site.
The exact step-by-step instructions may vary depending on which provider you use to manage your domain, but the overall process will likely look something like this:
Log in.
Select the domain whose records you want to modify.
Click on the option that allows you to modify records. (it should be something like “manage” or “nameservers”)
Enter the nameserver and IP address.
Save your changes.
Keep in mind DNS changes can take some time to fully propagate, so any modifications or additions to your domain’s glue records may not be useful for anywhere up to 48 hours.
Example of DNS Glue Record
Using our command line entry from earlier, go ahead and type dig +trace +additional Google.com SOA into your command line or terminal, and hit enter. Looking toward the end of the results, you should see several entries that look like this:
ns1.google.com | A | 216.239.32.10 |
ns3.google.com | A | 216.239.36.10 |
ns4.google.com | A | 216.239.38.10 |
These are real DNS glue records. This is what helps prevent an infinite loop during the DNS resolution process since the nameservers have their associated IP addresses listed alongside. It doesn’t take a whole lot to prevent a big issue, but this example also highlights just how impactful having or lacking information can be when dealing with DNS records.
What are the Best Practices for Managing Glue Records?
Similar to managing other DNS records, the importance of validating your DNS glue records for accuracy cannot be overstated. Validate that the nameservers and corresponding IP addresses are accurate when you initially set them up, and periodically validate for accuracy as well.
If you experience issues with your DNS glue records, you can try running the modified dig command we used earlier. You can also try pinging each IP address corresponding to their listed nameservers to confirm they are online and accessible.
Conclusion
If your domain uses nameservers on the same domain, it is crucial to add glue records to your DNS records to avoid infinite loops during DNS resolution. These records are relatively simple to add and modify.
DNS glue records can be verified in several different ways, such as confirming through your domain registrar’s GUI and using the dig command in a terminal. Because they are DNS records, glue records may take as long as 48 hours to propagate fully.
To learn more about DNS records, check out our course Implement Domain Name System (DNS) with Garth Schulte.
delivered to your inbox.
By submitting this form you agree to receive marketing emails from CBT Nuggets and that you have read, understood and are able to consent to our privacy policy.