Can I use glue records as authoritative answer if I cannot get the authoritative answer
When resolving ns1.jiasule.net., I get the glue records from the TLD server (dig @113.207.76.78 ns1.jiasule.net):
;; QUESTION SECTION:
;ns1.jiasule.net. IN A
;; ANSWER SECTION:
ns1.jiasule.net. 600 IN A 117.21.219.80
ns1.jiasule.net. 600 IN A 113.207.76.78
ns1.jiasule.net. 600 IN A 111.202.98.111
Since it is not the authoritative answer, I should query one of the IPs in the glue records to get the IP of ns1.jiasule.net.
Is it allowed, as a fallback although it is not authoritative, to use the glue records if my query to those 3 IPs fails? (it actually happened)
Solution 1:
AFAIK the condition that not a single authoritative name server responds to your DNS queries should be treated as an error condition. You should investigate the cause of that and resolve that problem, rather than trying to find a work-around like that.
With regards to finding the cause of DNS problems: RFC 8906 may be of interest.
Also, since DNS "solves" a lot of issues by extensive caching, you may start by looking at the TTL settings in your zone file, as well as your SOA record. Generally, using longer TTLs should reduce the load on your DNS servers and improve user experience. (See https://www.sidnlabs.nl/en/news-and-blogs/how-to-choose-dns-ttl-values for some background data.)
Unless you have operational concerns and are planning on changing name servers and/or other DNS records frequently: increase the TTL of your NS records and the associated A records and possibly also any other records that are not intended to be changed frequently. The current values are really short...
dig SOA jiasule.net +multiline
jiasule.net. 10 IN SOA . mail.jiasule.net. (
        1          ; serial
        600        ; refresh (10 minutes)
        180        ; retry (3 minutes)
        1209600    ; expire (2 weeks)
        180        ; minimum (3 minutes)
        )
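An added example (not part of the question or the answer above, and not code from either poster): a small parser that labels an A record as authoritative only when the reply has the AA header bit set and the record sits in the answer section, which is the distinction the question turns on. The two messages are constructed, and the function names are hypothetical.

```python
import struct

def read_name(msg, off):
    """Decode a (possibly compressed) DNS name; return (name, next offset)."""
    labels, end = [], None
    for _ in range(128):                       # bound pointer chains
        n = msg[off]
        if n & 0xC0 == 0xC0:                   # compression pointer
            end = off + 2 if end is None else end
            off = ((n & 0x3F) << 8) | msg[off + 1]
        elif n == 0:
            return ".".join(labels) + ".", (off + 1 if end is None else end)
        else:
            labels.append(msg[off + 1:off + 1 + n].decode("ascii").lower())
            off += 1 + n
    raise ValueError("name too long or pointer loop")

def classify_a_records(msg, qname):
    """Return [(ip, ttl, trust)] for every A record owned by qname."""
    _id, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    aa = bool(flags & 0x0400)                  # AA bit of the header flags
    off = 12
    for _ in range(qd):                        # skip the question section
        _, off = read_name(msg, off)
        off += 4
    out = []
    for section, count in (("answer", an), ("authority", ns), ("additional", ar)):
        for _ in range(count):
            name, off = read_name(msg, off)
            rtype, _cls, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
            rdata = msg[off + 10:off + 10 + rdlen]
            off += 10 + rdlen
            if rtype == 1 and name == qname.lower():
                trust = "authoritative" if aa and section == "answer" else "non-authoritative"
                out.append((".".join(map(str, rdata)), ttl, trust))
    return out

# Constructed sample messages (not captured traffic); names point back into the question.
def rr(name, rtype, ttl, rdata):
    return name + struct.pack("!HHIH", rtype, 1, ttl, len(rdata)) + rdata

Q = b"\x03ns1\x07jiasule\x03net\x00" + struct.pack("!HH", 1, 1)
A = rr(b"\xc0\x0c", 1, 600, bytes([117, 21, 219, 80]))      # owner: ns1.jiasule.net.
NS = rr(b"\xc0\x10", 2, 600, b"\xc0\x0c")                    # owner: jiasule.net.
REFERRAL = struct.pack("!6H", 1, 0x8000, 1, 0, 1, 1) + Q + NS + A   # AA clear, glue
AUTH = struct.pack("!6H", 1, 0x8400, 1, 1, 0, 0) + Q + A            # AA set, answer
```

The same address comes back in both messages; only the header flag and the section it arrives in differ.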