Delegation Problem

Kevin Darcy kcd at daimlerchrysler.com
Fri Aug 11 23:58:28 UTC 2000 

On the first query, the caching nameserver (C) will only be using the
delegation NS'es. On subsequent queries, it uses the NS'es which it got from
the authoritative server (B), until they time out of its cache. So the fact
that it works the first time and not the second implies that B is giving out
bad NS data for the zone. If you query B for the NS'es of sails.mycomp.com,
what do you get? You should the same NS'es, or a superset, of the delegation
NS'es reported by A.

- Kevin

xlong at andrew.cmu.edu wrote:

> Hi,
>
> I have a problem with delegation in my internal network.  When a query is
> done through to a cache only remote name server to  a parent server for any
> host in a subdomain delegated to another child server, the Remote Name
> Server only reponds correctly for the FIRST query after it is RESTARTED.
>
> My configuration is:
>     Machine A is configured to be a root server, which owns the . zone,
>     It also owns the "mycomp.com" zone, and delegates the subdomain
> "sails.mycomp.com" to machine B. The  correspoing addr domain of IP
> addresses belong to subdomain "sails.mycomp.com" is also delegated to
> machine B.
>
>     Machine B is the primary name server for subdomain "sails.mycomp.com"
> and its cooresponding addr domain.  The hosts are :    m1.sails.mycomp.com,
> m2.sails.mycomp.com, m3.sails.mycomp.com.
>
>    When I lookup from another machine C, which uses a local  cache only name
> server and has the root server pointing to machine A.     It works only for
> the first query to any host in domain  "sails.mycomp.com" or its IP address
> after I restart the local name server,  teh following queries always return
> Domain Not Found, Server Failure.  This behavior is not related to the host
> I am looked for.
>
>     When I use the tcpdump to see the message, for the first query, it is
> correct.  The query is refered to the parent server (A), and then to the
> child server (B).
>
>     But for the following query, it seems the server in C only checks its
> cache, it does not even query server A.
>
>     However, when I lookup any machine and IP address in domain
> "sails.mycomp.com", locally in Machine B and remotely from Machine A,
> everything is OK.
>
>     The strange thing is, if I have previously done query in server A, which
> makes server A cache information of the delegated zone, then at C, I can
> correctly get the unauthorized answer from B.
>
>     Could anybody give me a hint where the problem is?
>
> Thanks
>
> Xindian
>
>
>
>

More information about the bind-users mailing list