Nameserver hosting – Two IPs per NS A record?

This crazy mind of mine was wondering whether it was technically possible to have two IPs per NS record, when hosting DNS data. Example:

hosteddomain.com
Pointing to nameservers:
ns1.dnshost.com
ns2.dnshost.com

dnshost.com
dig ns1.dnshost.com
A 127.0.0.1
A 127.0.0.2

Crude example, but hopefully you get the point. hosteddomain.com points to ns1 and ns2.dnshost.com whose corresponding A records return multiple IPs.

But what about GLUE? How can dnshost.com, assuming that its nameservers are “itself,” use multiple IPs on GLUE records? Well, GLUE records are basically just another DNS record type in their own right. There aren’t any specific RFCs I can find that say you can’t use more than 1 IP for a GLUE record; but that does not mean to say you necessarily should and whether it would even work!

But wait – I found an example in the wild!

dig ns0.ja.net
;; ANSWER SECTION:
ns0.ja.net. 172800 IN A 128.86.1.20
ns0.ja.net. 172800 IN A 193.63.94.20

 

dig ns ja.net @m.gtld-servers.net
;; AUTHORITY SECTION:
ja.net. 172800 IN NS ns0.ja.net.
ja.net. 172800 IN NS ns1.surfnet.nl.
ja.net. 172800 IN NS ns1.ja.net.
ja.net. 172800 IN NS ns2.ja.net.
ja.net. 172800 IN NS ns4.ja.net.

;; ADDITIONAL SECTION:
ns0.ja.net. 172800 IN A 128.86.1.20
ns0.ja.net. 172800 IN A 193.63.94.20
ns0.ja.net. 172800 IN AAAA 2001:630:0:8::14
ns0.ja.net. 172800 IN AAAA 2001:630:0:9::14
ns1.ja.net. 172800 IN A 194.81.227.226
ns1.ja.net. 172800 IN AAAA 2001:630:0:44::e2
ns2.ja.net. 172800 IN A 193.63.105.17
ns2.ja.net. 172800 IN AAAA 2001:630:0:45::11
ns4.ja.net. 172800 IN A 193.62.157.66
ns4.ja.net. 172800 IN AAAA 2001:630:0:47::42

So, yeah, ja.net have multiple I records for ns0.ja.net and they are pointing back themselves. Their GLUE records are reflecting those multiple IPs for ns0, and the domain is fully resolvable over many DNS clients without throwing any issues or errors.

As I say, I’m not sure of the legalities of such setup, so to speak, but it’d be an interesting way to add redundancy to an existing set of nameservers without mass updates – providing it works!

Leave a Reply

Your email address will not be published. Required fields are marked *