My bank’s website is down right now, and it appears to be a glue record issue. This is interesting to me because (a) I would like to check something in my bank account and (b) glue records were far and away the hardest thing about DNS for me to understand.

Most people that read this blog already know this, but I’m bored and home sick so I’m going to write it up anyway. A glue record, in short, is a little known aspect of DNS that ties a domain name directly to an IP at the registrar (WHOIS) level, rather than the name server level. It’s useful if you want to host your own DNS, and here’s what it looks like when it fails (sorry for outing you, UFCU!):

$ ping ufcu.org
ping: cannot resolve ufcu.org: Unknown host
$ dig +short ufcu.org
;; connection timed out; no servers could be reached
$ host -t ns ufcu.org
;; connection timed out; no servers could be reached
$ whois ufcu.org | grep NS
Status:CLIENT TRANSFER PROHIBITED
Name Server:NS1.UFCU.ORG
Name Server:NS2.UFCU.ORG
Name Server:NS3.UFCU.ORG

As you can see, according to the WHOIS information, DNS information for ufcu.org can be found at ns1.ufcu.org. Which, since information about ufcu.org is exactly what we’re looking for, sends us into a loop:

What’s the IP for ufcu.org? Ask the name server ns1.ufcu.org. Okay, what’s the IP for ns1.ufcu.org so I can go ask? Ask the name server for ufcu.org (ns1.ufcu.org).

This is only a problem because the DNS for ufcu.org is self-referential. Enter the glue record. A glue record, as I mentioned above, bypasses the normal name server queries and directly provides an IP for a name server. You’ll never be able to complete a query for ufcu.org if you have to query ufcu.org for information about itself, so the registrar will hard code an IP for ns1.ufcu.org and hand that out when asked “What’s the IP for ns1.ufcu.org?”

Once you understand the loop a query would fall in to, glue records are easy. But the loop itself is hard to explain, and most of what I had trouble with. Aside from a missing one, the only other glue record problem I’ve run into is an incorrect one. Those are even more fun!

I now return you to your regularly scheduled day. Time for another popsicle and a nap for me!

ps. Their website is back up 🙂

“Miscellany” would make an awesome collective noun. Like a miscellany of Matuszeks, or a miscellany of collective nouns.

I’m pondering going back to school. I doubt I would actually go for more than one class any time soon, as I want to make sure I can actually finish this time. Right now I’m just trying to figure out what I would need to have in order to get back to it. I also need to find out if I could take time off for maternity.

Read the rest of this entry

I pay an extra $30 per month for this…

— google.com ping statistics —
714 packets transmitted, 391 packets received, 45.2% packet loss
round-trip min/avg/max/stddev = 31.228/49.364/129.503/18.189 ms

Testing out writing from an app. Excitement at its best, to be sure!

But can I add this adorable picture?

Hmmm

I’m still trying to make this blog accessible to real people but not spambots. I’ve turned off the password protection that was prompting (rather rudely) for people to enter a username/password when looking at the blog. It was an unintended consequence of password-protecting my admin area that I can’t figure out how to fix. Dad, I know you’ve been having some problems commenting. I’ll see if I can get around that next. If anyone has trouble commenting, please email me at mamatriumphant gmail com and I’ll see if I can get you straightened out.