Difficult debug (long-ish)
Simon Waters
Simon at wretched.demon.co.uk
Wed Nov 20 14:09:10 UTC 2002
"Steven L. Sesar" wrote:
>
> The other strange behavior we see is that when
> querying dns1.onlinaccesscards.com for itself, it fails, ie:
>
> dig @dns1.onlinaccesscards.com dns1.onlinaccesscards.com
This is the crux of the problem.
First time through you pick up the GLUE record giving you an A
record for DNS1.
When it expires, the requests for an A record for dns1 will fail
to get a valid answer, getting a non-authoritative response from
gtld-servers.
The quick fix is to put dns1 back in the relevant zone file.
Although absence of dns2 will make the zone less reliable, I
don't believe you need a network outage to dns1 to make the
onlineaccesscards.com domain inaccessible to BIND 9 users as
Kevin suggests, it is broken by design ;-(
BIND 8 is happier to restart failed queries, and will end up
getting the right answer for the wrong reasons (for some
definition of "right") in this instance I believe.
More information about the bind-users
mailing list