named error

[Barry Margolin]

In article <7uqall$5m8$1 at resultra.sickkids.on.ca>,
Abdellah Djebli  <djebli at spartacus.sickkids.on.ca> wrote:
>Hi all;
>
>I have BIND 8.2 runing on RH6.0.
>when I do a lookup on the site www.medi-fax.com I get the error:
>Oct 17 04:18:12 ns1 named[1794]: ns_resp: query(medi-fax.com) 
>A RR negative cache entry (204.83.168.1:)
>Oct 17 04:18:12 ns1 named[1794]: ns_resp: query(medi-fax.com) 
>All possible A RR's lame
>
>If I stop and start named, it resolves fine. Few days later the same problem
>occurs.

The primary server for medi-fax.com is misconfigured:

% dig medi-fax.com ns @bob.net1fx.com

; <<>> DiG 2.2 <<>> medi-fax.com ns @bob.net1fx.com 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
;; flags: qr aa rd ra; Ques: 1, Ans: 1, Auth: 0, Addit: 0
;; QUESTIONS:
;;	medi-fax.com, type = NS, class = IN

;; ANSWERS:
medi-fax.com.	86400	NS	204.83.168.1.

This NS record is replacing the NS records that were learned from the root
servers, because records received from an authoritative nameserver are more
credible than referral records from the parent domain server.  But there's
no host named 204.83.168.1 (the clueless DNS administrator apparently
thinks you can put an IP address there).  So once this record takes over,
your server no longer knows how to query the real servers for the domain.

-- 
Barry Margolin, barmar at bbnplanet.com
GTE Internetworking, Powered by BBN, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.