In normal DNS resolution, when a resolver attempts to resolve a domain name, it first queries the root, which provides the top-level domain. Next, it queries the top-level domain servers, which provide the domain’s authoritative nameservers. Finally, it queries the authoritative nameservers for the domain to resolve the domain name. If the nameservers for a domain exist inside the domain itself, a glue record is needed to resolve the domain name.
What is a Glue Record?
A Glue Record is the IP Address of a name server at a domain name registry. Glue Records are fundamental parts of DNS records because they help to resolve DNS servers at a core level. If you would like to change the name servers for a site, you’ll have to provide the Glue Records for the new name serves. Without them, a domain name will not work because anyone requiring the DNS information will be stuck in a loop. There is a cyclic dependency of circular referencing. Circular references exist where the name servers for a domain can’t be resolved without resolving the domain they’re responsible for. Glue Records are additional A records that allow the DNS client to locate name servers.
When are Glue Records needed?
For example, let’s say your domain (yourdomain.com) is using ns1.nameserver.com and ns2.nameserver.com as name servers, but gridfast.net also uses ns1.nameserver.com and ns2.nameserver.com as name servers. This is how the cyclic dependency is created. To break the cycle, DNS systems use Glue Records.
You can also understand Glue Records by understanding A Records. An A record (an A address) is a DNS record that can be used to point your domain name and host names to a static IP address. For example, the A record for gridfast.net includes ns1.gridfast.net and ns2.gridfast.net and their IP addresses. These servers can be reached directly without any further resolution. For a domain name like CloudAccess.net, however, the root DNS servers pass the ns1.gridfast.net and ns2.gridfast.net nameservers, and a further chain of resolution is needed to resolve the DNS. This is when a Glue Record is needed.
So, what does all this mean? Let’s look at an example:
In this example, I will show the difference between having Glue Records and not having them. If you do not provide the registry with Glue Records, other nameservers trying to look up the IP address of example.com would ask the .com (TLD) nameservers for a referral, and encountering the following issue:
Browser: "Hi! I need the IP address of example.com, what is it? .com Nameserver: I don't know, but you can ask the nameserver. It was ns1.example.com the last time I checked. Browser: Okay! in order to send a query to ns1.example.com, I need the IP address. What is that? .com Nameserver: I don't know, ask the parent example.com Browser: I can't, I need an IP addressWhen you set a Glue Record at the registry, the DNS lookup will go more like this:
browser asks for the IP address.... Browser: Thanks! In order to send a query to ns1.example.com, I need the IP address. .com Nameserver: Yes, it's 192.0.2.0 the last time I checked. Browser: Thanks! I can see it now! Sending query.