Bind 9.3.2 can't resolve one domain
Jarek Poplawski
jarkap at poczta.onet.pl
Thu May 25 13:33:53 UTC 2006
Mark Andrews wrote:
>> Stephane Bortzmeyer wrote:
>>> On Sat, May 20, 2006 at 10:31:08PM +0200,
>>> Jarek <jarek at fake.address.from.pl> wrote
...
> Named will fall back to plain DNS if it gets no response
> to the EDNS query.
>
> In reality the remote nameserver is broken as it is not
> always returning a error code when it recieves a request.
> FORMERR is part of the base DNS specification and
> nameservers should be able to count on it being returned.
>
> EDNS has also been on standards track for ~7 years now.
>
> Mark
Hi!
If I understand correctly you think bind 9.3 is behaving as it
should but I'm not convinced. I tested it today with
MAX_EDNS0_TIMEOUTS 0 (also 1) in resolver.c, what I think should
effectively eliminate or decrease timeouts and there was no
improvement. After no-edns0 queries there were mainly
noanswer_responses in debug logs.
It is hard to comprehend, why these wrong DNS servers are
understand correctly in individual queries, but wrongly when
recursive lookup is done.
I think that lack of information in README or CHANGES of 9.3
version isn't helping, and some admins will blame bind 9.3 and
stay with 9.2 for that reason. What's more: forwarders from some
big providers don't see any problems with such domains also.
Jarek P.
More information about the bind-users
mailing list