I have been thinking of glue records as an A record for the name server higher up than the name server itself; a DNS server higher up has to have a glue entry to provide the DNS server address for that domain to resolve the DNS if the DNS server for that domain is from that same domain.
Ex: if I say dns1.domain.com is authoritative for domain.com in its zone file and list it with the domain's registrar as a DNS server for that domain, I need to feed my registrar glue information to create an A record for dns1.domain.com, otherwise I'll have a circular lookup problem.
So what I'm believing to be happening right now is that a user tries to look up www.domain.com, and the name servers listed at the registrar for that domain are dns3 & dns4.domain.com. The query goes from the root servers to the TLD servers, and the TLD server responds back with the name servers provided to the registrar, dns3.domain.com and dns4.domain.com. We're trying to look up a name from domain.com already, so we obviously can't resolve dns3.domain.com. The glue record is there to break the circular problem and tells us that dns3.domain.com is 10.0.0.32. Now the query goes to 10.0.0.32 for www.domain.com. The DNS server is running a messed up zone file though, where dns3.domain.com isn't listed as an NS record, only dns1.domain.com and dns2.domain.com. Now this conflicts with the glue information earlier as to what DNS server would be authoritative for the domain. It seems as though some queries stop there and take the A record for www.domain.com from that edited, messed up zone file; others seem to take it a step further and have trouble with the DNS servers listed at the registrar as responsible for the domain not being the ones listed as NS records in the domain's zone file. They go out and dig up the glue record for dns1&2 that are listed in the zone file and then start running their queries off the old server.
Sound like I have a decent idea of what's going on, or am I just as lost as they are?
I'm just going to clean this mess up and make it all right, but I guess I'm trying to figure out if their problem stems from the NS records in the zone file not matching the authoritative DNS servers given to their registrar, or because the A records of the DNS server in their zone file not matching the glue data given for those DNS servers to their registrar, or both.
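The two mismatches asked about above, checked side by side; this is an added example, not part of the original post. The host names and 10.0.0.32 come from the post; every other address and the `audit_delegation` helper are constructed for illustration.

```python
# Added example: compare what the parent (registrar/TLD) publishes for a
# delegation with what the child zone file says about itself.

def norm(name):
    """Lower-case and strip the trailing dot so names compare reliably."""
    return name.rstrip(".").lower()

def audit_delegation(zone, parent_ns, parent_glue, child_ns, child_a):
    """Return a sorted list of (kind, name, detail) findings."""
    zone = norm(zone)
    p_ns = {norm(n) for n in parent_ns}
    c_ns = {norm(n) for n in child_ns}
    glue = {norm(n): set(ips) for n, ips in parent_glue.items()}
    addr = {norm(n): set(ips) for n, ips in child_a.items()}
    out = []
    for n in p_ns - c_ns:
        out.append(("ns-only-at-parent", n, "delegated, but no NS record in the zone"))
    for n in c_ns - p_ns:
        out.append(("ns-only-in-zone", n, "NS record in the zone, but not delegated"))
    for n in p_ns | c_ns:
        if not (n == zone or n.endswith("." + zone)):
            continue  # out-of-zone server names need no glue
        if n in p_ns and n not in glue:
            out.append(("glue-missing", n, "in-zone name server has no glue"))
        if n in glue and n in addr and glue[n] != addr[n]:
            detail = f"glue {sorted(glue[n])} vs zone A {sorted(addr[n])}"
            out.append(("glue-mismatch", n, detail))
        if n in c_ns and n not in addr:
            out.append(("a-missing", n, "NS target has no A record in the zone"))
    return sorted(out)

# Constructed data modelled on the post: the registrar lists dns3/dns4, the
# zone file lists dns1/dns2, and old glue for dns1/dns2 still exists.
PARENT_NS = ["dns3.domain.com.", "dns4.domain.com."]
PARENT_GLUE = {
    "dns3.domain.com": ["10.0.0.32"],   # address given in the post
    "dns4.domain.com": ["10.0.0.33"],   # constructed
    "dns1.domain.com": ["10.0.0.10"],   # constructed
    "dns2.domain.com": ["10.0.0.11"],   # constructed
}
CHILD_NS = ["DNS1.domain.com", "dns2.domain.com"]
CHILD_A = {
    "dns1.domain.com": ["10.0.0.10"],
    "dns2.domain.com": ["10.0.0.99"],   # constructed: differs from the glue
    "dns3.domain.com": ["10.0.0.32"],
}
FINDINGS = audit_delegation("domain.com", PARENT_NS, PARENT_GLUE, CHILD_NS, CHILD_A)

if __name__ == "__main__":
    for kind, name, detail in FINDINGS:
        print(f"{kind:18} {name:18} {detail}")
```

On this data both conditions show up independently: four NS-set findings and one glue mismatch, so each needs its own fix at the registrar or in the zone file.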