Bind config problem ?
Jim Reid
jim at rfc1035.com
Wed Jun 14 19:17:20 UTC 2000
>>>>> "Per" == Per Weisteen <Per.Weisteen at hydro.com> writes:
Per> I'm not getting the reply I expect on this DNS server. Any
Per> ideas why ?
Per> $ nslookup -q=ns getronics.com.
Per> Server: bjartur.unison.no
Per> Address: 193.69.126.18
Per> Authoritative answers can be found from:
Per> COM
Per> origin = A.ROOT-SERVERS.NET
Per> mail addr = hostmaster.internic.NET
Per> serial = 2000061300
Per> refresh = 1800 (30M)
Per> retry = 900 (15M)
Per> expire = 604800 (1W)
Per> minimum ttl = 86400 (1D)
I wish people would stop using nslookup and use dig instead. Sigh.
The answer above is curious. It looks like your name server got a an
empty answer from root server, but with the root zone's SOA record in
the authority section of the reply. That suggests you looked up a
non-existent name. Could you have mistyped the command line in some
way so that the lookup was for a non-existent name? Or maybe nslookup
"helpfully" tacked on some name to "getronics.com" before making the
query? (That's just one of nslookup's endearing little quirks.)
Your version of nslookup is typically useless. It prints that SOA
record but doesn't seem to make it clear that the lookup presumably
failed NXDOMAIN, the answer section was empty and the SOA record came
in the authority section of the reply. All this would be blatantly
obvious if you'd used dig for the lookup.
When I use dig to ask your name server for getronics.com's NS records,
it answers correctly. Try using dig and see if it works for you. If
so, you know what to do with nslookup.. :-)
Per> Server is running bind 8.2.2
Upgrade to 8.2.2-P5. There are security holes in 8.2.2. See
http://www.isc.org/products/BIND/bind-security-19991108.html
More information about the bind-users
mailing list