Why is stealth secondary queried for address of primary?
Mark.Andrews at nominum.com
Thu Jun 15 09:12:15 UTC 2000
Well nameservers send out the current set of nameservers for the
zone as found in the zone. If you want a server to be a stealth
server don't list it in the zone or the parent zone.
Mark
; <<>> DiG 8.2 <<>> soa hank.org @ns2.granitecanyon.com.
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; QUERY SECTION:
;; hank.org, type = SOA, class = IN
;; ANSWER SECTION:
hank.org. 1D IN SOA mardy.hank.org. root.hank.org. (
2000061301 ; serial
1D ; refresh
1H ; retry
1W ; expiry
1D ) ; minimum
;; AUTHORITY SECTION:
hank.org. 1D IN NS ns1.hank.org.
hank.org. 1D IN NS ns2.hank.org.
hank.org. 1D IN NS ns1.granitecanyon.com.
hank.org. 1D IN NS ns2.granitecanyon.com.
;; ADDITIONAL SECTION:
ns1.hank.org. 1D IN A 63.205.225.170
ns2.hank.org. 1D IN A 63.205.225.174
ns1.granitecanyon.com. 11h14m8s IN A 205.166.226.38
ns2.granitecanyon.com. 14h40m7s IN A 209.166.62.198
;; Total query time: 836 msec
;; FROM: bsdi.dv.isc.org to SERVER: ns2.granitecanyon.com. 209.166.62.198
;; WHEN: Thu Jun 15 19:07:41 2000
;; MSG SIZE sent: 26 rcvd: 226
> After sending my last post I looked at my Bind log file -- I had query
> logging enabled on two of my DNS servers, ns1.hank.org and ns2.hank.org.
>
> Note that ns2.hank.org is not a RR in the root servers, only ns1, but ns2
> is listed in my zone file.
>
> Right after posting to this list I had a large number of queries to both
> servers, but I don't understand what was happening.
>
> ns1.hank.org was logging queries that looked like this:
>
> XX /195.60.31.20/hank.org/A/IN
>
> All were simply A queries for hank.org. This I would expect from various
> MTAs that saw my mail come through.
>
> But, on ns2.hank.org almost all of the queries looked like this:
>
> XX /132.177.128.99/ns1.hank.org/A/IN
>
> ns2.hank.org was being asked for ns1.hank.org's IP address.
>
> Is it possible that the MTA isn't trusting the lookup on ns1, so it's
> asking ns2 for the IP of ns1, just to make sure it asked the right server?
> But that doesn't make sense since the MTA wouldn't even know about
> ns2.hank.org (since all requests on ns1 were only for A records, not NS
> records).
>
> Besides, although the requests on both servers came in at the same time, it
> didn't look (by IP number) that requests on one server had a corresponding
> request on the other server.
>
> I'm sure there's a simple explanation.
>
> Thanks,
>
>
>
> Bill Moseley
> mailto:moseley at hank.org
>
>
--
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at nominum.com
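
Added example (not part of the original message, and not BIND or dig code): a small Python check that reads dig-style output and reports whether a server meant to be stealth is still listed in the zone's NS set, together with the glue addresses returned for it. The sample input is abridged from the dig response above; the function names and the choice of ns2.hank.org as the intended stealth server are assumptions for illustration.

```python
import re

# Abridged from the dig response quoted in this message (sample input).
SAMPLE_DIG = """\
;; AUTHORITY SECTION:
hank.org. 1D IN NS ns1.hank.org.
hank.org. 1D IN NS ns2.hank.org.
hank.org. 1D IN NS ns1.granitecanyon.com.
hank.org. 1D IN NS ns2.granitecanyon.com.
;; ADDITIONAL SECTION:
ns1.hank.org. 1D IN A 63.205.225.170
ns2.hank.org. 1D IN A 63.205.225.174
;; Total query time: 836 msec
"""

SECTION_RE = re.compile(r"^;;\s+(\w+) SECTION:")
RR_RE = re.compile(r"^(\S+)\s+\S+\s+IN\s+(NS|A)\s+(\S+)\s*$")


def norm(name):
    """Compare DNS names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()


def parse_records(text):
    """Return (section, owner, type, rdata) for each NS and A record."""
    records, section = [], None
    for line in text.splitlines():
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1).lower()
        elif line.startswith(";"):
            section = None  # any other comment line ends the section
        elif section and (rr := RR_RE.match(line)):
            owner, rtype, rdata = rr.groups()
            records.append((section, norm(owner), rtype, norm(rdata)))
    return records


def advertised_stealth(text, zone, stealth_names):
    """Map each intended-stealth server that the response lists as an NS
    for `zone` to the glue addresses handed out alongside it."""
    records = parse_records(text)
    ns_set = {r[3] for r in records if r[2] == "NS" and r[1] == norm(zone)}
    leaked = {}
    for name in map(norm, stealth_names):
        if name in ns_set:
            leaked[name] = [r[3] for r in records if r[2] == "A" and r[1] == name]
    return leaked


if __name__ == "__main__":
    print(advertised_stealth(SAMPLE_DIG, "hank.org", ["ns2.hank.org"]))
```

An empty result means none of the intended-stealth names appear in the NS set of the response that was checked.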