Why is stealth secondary queried for address of primary?
Bill Moseley
moseley at hank.org
Thu Jun 15 14:45:53 UTC 2000
At 07:12 PM 06/15/00 +1000, Mark.Andrews at nominum.com wrote:
>
> Well nameservers send out the current set of nameservers for the
> zone as found in the zone. If you want a server to be a stealh
> server don't list it in the zone or the parent zone.
Yes, I understand that. I used the wrong term -- I said stealth only
because it it's not listed in the root servers. I just haven't updated my
domain record yet.
Look at these numbers:
In eleven minutes after posting a message to this list I had 327 queries to
ns2.hank.org. Of those 327, 320 were for asking for the IP of ns1.hank.org.
XX /132.177.128.99/ns1.hank.org/A/IN
There were NO request for the IP of my other two (other three including
ns2) NS servers listed in my zone. Only requests to lookup ns1.hank.org.
NONE of those requesters (by IP number) went on to actually request
anything from ns1.hank.org once it had it's IP number -- so I'm not sure
why they bothered to ask.
Also, since ns2.hank.org is not listed in the root servers, the only way to
know that ns2.hank.org even exists is from asking ns1.hank.org or
ns2.granitecanyon.com (ns1.granitecanyon.com still has an old zone file
without ns2.hank.org listed). As far as reverse lookup, too additional
servers know about ns2.hank.org.
In that same time period, I had 177 requests to ns1.hank.org for A RR for
hank.org. This is completely expected from the spam checking that sendmail
does.
So I'm just curious what's going on with all these requests, specifically,
why the requests to ns2.hank.org for the IP of ns1.hank.org.
Bill Moseley
mailto:moseley at hank.org
More information about the bind-users
mailing list