bind bug? Servers loosing all but 1 ns record

Kevin Darcy kcd at daimlerchrysler.com
Tue Jan 9 01:16:32 UTC 2001 

Mike Ireton wrote:

> Hello all, I have a devil of a problem to share with you:
>
>         My domain is 'atomic-ether.net', and I've got two name servers -
> ns1.atomic-ether.net and ns2.atomic-ether.net. About 6 weeks ago, the
> ns1 machine went away, and I figured that I  could just let it slide for
> a while until I have the energy to put an 'ns1' back on the air (this is
> for a home lan connected via dsl).
>
>         There appears to be a problem in that some remote name servers
> eventually 'forget' an ns record for mydomain, so if you query them,
> they will return the following:
>
> > set q=ns
> > atomic-ether.net
> Server:  ns1.sonic.net
> Address:  208.201.224.11
>
> Non-authoritative answer:
> atomic-ether.net        nameserver = NS2.atomic-ether.net
> atomic-ether.net        nameserver = NS1.atomic-ether.net
>
> Authoritative answers can be found from:
> NS1.atomic-ether.net    internet address = 209.218.202.226
>
>         WHY does it only return the pointer for 'ns1.atomic-ether.net'? That
> means, in order to resolve 'ns2.atomic-ether.net', it's first got to be
> able to resolve 'atomic-ether.net', which means it can only get to
> 'ns1', which is off the air.....

Looks like ns1.sonic.net is violating RFC 2181 here, which specifies that
nameservers must not hand out partial RRsets. This is hardly surprising,
though, since apparently ns1.sonic.net is running BIND 4.9.7-REL. If you have
any clout with them, tell them to upgrade.

>         The zone file for 'atomic-ether.net' is included for reference:
> @               IN      SOA     atomic-ether.net.
> qix.atomic-ether.net. (
>                         2001010600 ; serial
>                         86400 ; refresh
>                         3600 ; retry
>                         3600000 ; expire
>                         300 ; default_ttl
>                         )
> @       86400   IN      NS      ns1.atomic-ether.net.
> @       86400   IN      NS      ns2.atomic-ether.net.
> @               IN      A       127.0.0.1

Is there some legitimate purpose for pointing "atomic-ether.net" to the
loopback address?

> @               IN      MX      10      ns2.atomic-ether.net.
> @               IN      MX      20      core.sf.bayoffice.net.
> ns1.atomic-ether.net.           IN      A       209.218.202.226
> ns2.atomic-ether.net.           IN      A       209.218.202.227
> ns1             IN      A       209.218.202.226
> ns2             IN      A       209.218.202.227
> mx              IN      A       209.218.202.226
> www             IN      A       209.218.202.226
> 224             IN      PTR     net-209-218-202-224/27.atomic-ether.net.

Why have the above PTR without a matching forward entry?

> 226             IN      PTR     ns1.atomic-ether.net.
> 227             IN      PTR
> ns2.atomic-ether.net.


- Kevin

More information about the bind-users mailing list