bind 9 ignores new data / TTL ?
Barry Margolin
barmar at alum.mit.edu
Wed Mar 3 18:49:08 UTC 2004
In article <c257cp$2p1l$1 at sf1.isc.org>,
hve at blasberg-computer.de (Hagen von Eitzen) wrote:
> Or a better understanding of what the real problem is? I tend to
> suspect that the source of evil might be that
> ns1.obsolete.example/ns2.obsolete.example still (wrongly) claim to be
> authoritative. Could that be right?
Yes. Every time your server sends a query to ns1/2.obsolete.example,
the answer includes NS records in the Authority section. These are used
to update the cache, which resets the TTL.
> But shouldn't the delegation of foo.example be rechecked from the
> example zone rather than from the (according to the cache to be
> validated) authoritative servers?
No, the only time the parent domain server is queried is when you don't
have NS records for the subdomain in the cache.
The right solution is that when a domain is migrated to new nameservers,
it must be removed from the obsolete servers (it's best to make them
slaves of the new servers for a short period of time, to make the
transition perfectly smooth).
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
More information about the bind-users
mailing list