BIND fails if one of 2 servers is bad?
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Tue Sep 30 00:25:25 UTC 2003
> Running BIND 9.2.1 (RedHat 9), I get the following results:
>
> # dig counterpunch.org
>
> ; <<>> DiG 9.2.1 <<>> counterpunch.org
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 20001
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;counterpunch.org. IN A
>
> But when I do +trace I get:
>
> # dig counterpunch.org +trace
>
> ; <<>> DiG 9.2.1 <<>> counterpunch.org +trace
> ;; global options: printcmd
> ...
> org. 86400 IN NS TLD2.ULTRADNS.NET.
> org. 86400 IN NS TLD1.ULTRADNS.NET.
> ;; Received 116 bytes from 195.206.104.13#53(M.ROOT-SERVERS.ORSC) in 192 ms
>
> COUNTERPUNCH.ORG. 172800 IN NS NS.LEB.NET.
> COUNTERPUNCH.ORG. 172800 IN NS NS.DOLEH.COM.
> ;; Received 100 bytes from 204.74.113.1#53(TLD2.ULTRADNS.NET) in 35 ms
>
> counterpunch.org. 86400 IN A 38.117.146.196
> counterpunch.org. 86400 IN NS ns.leb.net.
> ;; Received 74 bytes from 206.127.55.2#53(NS.LEB.NET) in 108 ms
>
> So NS.LEB.NET is working and answers for the domain, but when I do the
> simple query (e.g. for normal web browsing) I get the server fail.
> (Presumably because NS.DOLEH.COM does not exist). Is my server somehow
> mis-configured? Seems like it should answer as long as one of the name
> servers is responding (isn't that the whole point of redundant servers?)
>
> Thanks for any advice,
>
> Andre
The listed nameserver is CNAME. This is the classic example why
named enforces NS not referring to CNAMES. It would require the
com servers to hold both the CNAME and the A record. It would
also require additional section processing to follow CNAMES.
Mark
; <<>> DiG 8.3 <<>> ns.leb.net @206.127.55.2
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0
;; QUERY SECTION:
;; ns.leb.net, type = A, class = IN
;; ANSWER SECTION:
ns.leb.net. 1D IN CNAME leb.net.
leb.net. 1D IN A 206.127.55.2
;; AUTHORITY SECTION:
leb.net. 1D IN NS ns.leb.net.
;; Total query time: 258 msec
;; FROM: bsdi.dv.isc.org to SERVER: 206.127.55.2 206.127.55.2
;; WHEN: Tue Sep 30 10:19:41 2003
;; MSG SIZE sent: 28 rcvd: 72
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list