On Sun, 2021-06-06 at 11:54 -0700, Jack Craig wrote:
> something i don't get, if my registrar provides glue references for
> primary & secondary domain dns servers, what purpose is served by
> anything in my host's named.conf (et al) having any reference to my
> domain if it's not accessible/useful?
>
> i had thought that i should provide the primary server and my hosting
> service provided secondary, but that leaves only the secondary so i
> have only 1 responding

The internet, at large, will always use your primary server. If it can't, it'll try your secondary server. Both of those servers are accessed by name, not numerical IP address, and those names have to be in some public DNS records, so people can find the IP addresses for them to connect to them.

A glue record is a helping hand to find your primary server, when nothing else gives information about it.

E.g., I try to look up linuxlighthouse.com. My system will find the root server for .com, then it will ask it who holds the records for linuxlighthouse.com, get told ns.linuxlighthouse.com and then query whoever that was, for its IP address.

The big gotcha is that .com will say linuxlighthouse.com is handled by a particular nameserver by that nameserver's *name*, not its IP. So the person trying to find linuxlighthouse.com first has to find the IP for ns.linuxlighthouse.com. If the only server that knows that IP is ns.linuxlighthouse.com, itself, outsiders have no way to find out the IP of the nameserver to connect to it.

Having your primary server as yourself, answering queries for itself, and nobody outside knowing its IP to be able to query it, is the quandary you find yourself in. How do you spell dictionary? Dunno, go look it up in the dictionary...

Hence, the glue record. Querying .com will say ns.linuxlighthouse.com is handled by the holder of that glue record, we'll call it example.com (your registrar or other service provider). Your registrar will have records that everyone else can look up, so they can find example.com's IP address.

Now people can connect to your example.com registrar; your registrar's DNS server's glue record will give them the numerical IP of your ns.linuxlighthouse.com DNS server that they couldn't look up directly. And, then, after all that, they can find your DNS server and query it about linuxlighthouse.com.

This is like borrowing $5 from someone who wants a favour from a third party before they'll give you it, and that third party wants a favour from a fourth party before they'll do the third party's favour, rinse, lather, repeat...

In all seriousness, you're really doing this the hardest way possible. I would let your registrar be your primary and secondary DNS servers (they'll have more than one server), and have your IP addresses programmed into them. The public can query them. And just run your own name server for your own internal addresses, and for learning how things work.

Your registrar does not require you to run a DNS server to give them the information. The DNS records will be programmed directly into their DNS server. Either by them, manually, or automatically when you registered the domain name, or you'll have some webpage interface to enter and edit details.

-- 

uname -rsvp
Linux 3.10.0-1160.25.1.el7.x86_64 #1 SMP Wed Apr 28 21:49:45 UTC 2021 x86_64

Boilerplate: All unexpected mail to my mailbox is automatically deleted. I will only get to see the messages that are posted to the mailing list.
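
Added example, not part of the original message or of any project's code: the circular lookup described above, expressed as a check over a delegation. A name server whose name lies inside the zone it serves is only reachable if an address for it accompanies the delegation. The function names, the second server ns2.example.net and the address 192.0.2.53 are constructed for illustration.

```python
# Constructed sample data; nothing here queries a real DNS server.

def in_zone(name, zone):
    """True if `name` is the zone apex or lies underneath it."""
    name, zone = name.lower().rstrip("."), zone.lower().rstrip(".")
    return name == zone or name.endswith("." + zone)

def check_delegation(zone, ns_names, glue):
    """Classify each name server listed in a delegation for `zone`.

    ns_names: name-server names the parent hands out for the zone
    glue:     {name: [addresses]} supplied alongside the delegation
    Status per server:
      "out-of-zone"  - name resolves elsewhere, no glue needed
      "glue-present" - name is inside the zone, address supplied
      "glue-missing" - name is inside the zone, no address: the
                       "look it up in the dictionary" loop
    """
    glue = {k.lower().rstrip("."): v for k, v in glue.items()}
    status = {}
    for ns in ns_names:
        key = ns.lower().rstrip(".")
        if not in_zone(key, zone):
            status[key] = "out-of-zone"
        elif glue.get(key):
            status[key] = "glue-present"
        else:
            status[key] = "glue-missing"
    return status

def reachable(zone, ns_names, glue):
    """Usable if at least one server can be found without first
    resolving a name inside the delegated zone."""
    return any(s != "glue-missing"
               for s in check_delegation(zone, ns_names, glue).values())

ZONE = "linuxlighthouse.com"
# Case 1: only the in-zone server is listed and no address comes with it.
BROKEN = (["ns.linuxlighthouse.com."], {})
# Case 2: same server, address supplied (192.0.2.53 is a documentation IP).
WITH_GLUE = (["ns.linuxlighthouse.com."],
             {"ns.linuxlighthouse.com.": ["192.0.2.53"]})
# Case 3: a secondary outside the zone (hypothetical ns2.example.net).
WITH_SECONDARY = (["ns.linuxlighthouse.com.", "ns2.example.net."], {})

if __name__ == "__main__":
    for label, (ns, glue) in [("broken", BROKEN), ("glue", WITH_GLUE),
                              ("secondary", WITH_SECONDARY)]:
        print(label, check_delegation(ZONE, ns, glue), reachable(ZONE, ns, glue))
```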