When I send out a DNS request for my.example.net, my DNS recursive server goes to the DNS root zone (or gets some cached value instead). That nameserver says "go look at the .net nameservers", and those in turn say "look at the example.net nameservers" and those in turn say "my.example.net is at xxx.xxx.xxx.xxx".
Wikipedia says that "Name servers in delegations are identified by name, rather than by IP address," and the necessity of glue records supports this.
Question 1:
I don't understand how the DNS root zone telling me to go to a.gtld-servers.net (or whatever the .net nameserver is) to resolve my.example.net can help, since the .net nameservers have .net in them and I don't have an IP address. Is it just a glue record at the TLD level?
Question 2:
If glue records are such a required part of DNS, why do delegations happen by hostname instead of IP address?
Answer
People who run recursive resolvers (e.g. Google with 8.8.8.8, or your ISP) need to have the IP address of at least one root server provided, usually via a hints file. The root servers' IPs are documented by IANA and rarely change.
Makes it easier for non-root DNS servers to change IP, or to have multiple, or to give different IPs to different regions, etc.
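The lookup from the question, as an added Python example that is not part of the original post: a toy iterative resolver that starts from a hints entry and follows referrals, using glue to break the circular dependency. All server data and addresses are constructed (documentation ranges), and the function names are hypothetical.

```python
# Constructed sample data: every address is from a documentation range, not a real server.
ROOT_HINTS = {"a.root-servers.net.": "192.0.2.1"}  # stands in for the hints file

# What each server (keyed by IP) returns: a referral (zone, NS names, glue) or an answer.
SERVERS = {
    "192.0.2.1": {"referral": ("net.", ["a.gtld-servers.net."],
                               {"a.gtld-servers.net.": "192.0.2.2"})},
    "192.0.2.2": {"referral": ("example.net.", ["ns1.example.net."],
                               {"ns1.example.net.": "192.0.2.3"})},
    "192.0.2.3": {"answer": {"my.example.net.": "203.0.113.10"}},
}

def in_bailiwick(ns_name, zone):
    """True when the nameserver's own name lives inside the zone being delegated."""
    return ns_name == zone or ns_name.endswith("." + zone)

def resolve(qname, hints=ROOT_HINTS, servers=SERVERS, max_hops=8):
    """Follow referrals from the root hints; return (address, list of server IPs asked)."""
    candidates = list(hints.values())
    path = []
    for _ in range(max_hops):
        if not candidates:
            raise LookupError("no reachable nameserver address")
        ip = candidates[0]
        path.append(ip)
        reply = servers[ip]
        if "answer" in reply:
            return reply["answer"][qname], path
        zone, ns_names, glue = reply["referral"]
        candidates = []
        for ns in ns_names:
            if ns in glue:
                # Glue: the parent hands over the address along with the name.
                candidates.append(glue[ns])
            elif in_bailiwick(ns, zone):
                # The name can only be looked up via the zone it serves: a dead end.
                raise LookupError(f"{ns} is inside {zone} but the referral has no glue")
            else:
                # Out-of-bailiwick name: resolve it like any other hostname.
                candidates.append(resolve(ns, hints, servers, max_hops)[0])
    raise LookupError("too many referrals")
```

Removing the glue entry for `ns1.example.net.` from the second referral makes `resolve` fail, which is the circularity Question 1 describes.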