Missing DNS Glue Records
(3 votes, average: 3.33 out of 5)
Loading ...Nominet host the authoritative Domain Name System (DNS) name servers for the .uk top-level domain. Put simply, a typical entry in our DNS consists of a domain name together with the addresses of any nameservers which are authoritative for that domain. However if one of the nameservers is actually contained within the domain it is authoritative for, then our DNS holds a glue record for that nameserver, which contains its IP address. Domain name registrars are continually sending us updates to the .uk DNS, registering new domains and amending the nameservers for existing domains.
Recently we discovered that for many months there has been an error in our software which updates the .uk DNS. In a rare set of circumstances we would not add a glue record to the DNS, even though it was required and had been provided by the registrar. This was brought to our attention by one registrar and corrected quickly.
I subsequently analysed our database to find how many DNS updates had been affected by this problem, so that I could then correct the DNS by applying the missing glue records. I found, out of the millions of DNS updates we had received between June 2007 and February 2008 (the duration of the problem), 120 had been affected by this problem.
In most cases these updates had been corrected by the registrars themselves within a couple of hours of the problem occurring, by sending in further updates, either containing the same nameserver details again, including the glue record details, or more often, containing different nameservers outside of the particular domain, and thus not requiring glue.
I actually only needed to apply the missing glue records to 17 domains, most of which had at least one nameserver outside the domain, and so had probably not noticed the missing glue record.
I found the reaction of most domain name registrars affected by this problem interesting. When they saw that the glue record had not made it into our DNS, rather than raise the problem with us they moved their domain to a nameserver not requiring glue. As soon as a registrar raised the problem with us we resolved it.
March 14th, 2008 at 5:12 pm
Given the number of bugs I have found (reported and subsequently verified by yourselves) in the Nominet EPP implementation, I’m not at all surprised.
I’m probably one of the smallest Nominet members (less than 100 domains on my tag) but in the two weeks I have spent writing an EPP client from scratch but with experience in interfacing with eNom and Tucows, I’ve bashed my head against my keyboard trying to figure out why something doesn’t work as documented, reported it and then found out it was something Nominet-side rather than a coding error on my part.
What scares me most is that if I’m the first person to discover these issues, none of the larger tag holders are adopting EPP yet as their primary method of Nominet data manipulation otherwise they would have found and reported them prior to myself or none have actually done any detailed testing with their code, or maybe no-one at Nominet has actually tried to write an interoperable EPP client to work against their EPP implementation; in fact, if some of the money earmarked for the Nominet Foundation had been spent on the development (outsourced to a 3rd party or otherwise) of an open-source EPP client, it would have saved myself and nearly all the other tag holders out there a lot of grief in having to write our own.
… and keeping on-topic, there is no documented method to remove glue from a nameserver object via an EPP Update command short of deleting the nameserver object and creating a new one.
Regards,
Terry Froy
(a frustrated Nominet tag holder)
March 27th, 2008 at 10:19 am
Hello Terry,
Thank you for your feedback. As you are aware, we have contacted you personally to address your concerns. We apologise for the frustration you have been experiencing and hope you are happy with the level of support we have provided since contacting you. If you have any further concerns or questions, please feel free to contact our registrar support by email at hostmaster@nominet.org.uk or by phone at (0) 1865 332211.
Thank you,
Charles Leneis
Team Lead - Registrar Systems Support