bind bug? Servers loosing all but 1 ns record
Kevin Darcy
kcd at daimlerchrysler.com
Tue Jan 9 01:16:32 UTC 2001
Mike Ireton wrote:
> Hello all, I have a devil of a problem to share with you:
>
> My domain is 'atomic-ether.net', and I've got two name servers -
> ns1.atomic-ether.net and ns2.atomic-ether.net. About 6 weeks ago, the
> ns1 machine went away, and I figured that I could just let it slide for
> a while until I have the energy to put an 'ns1' back on the air (this is
> for a home lan connected via dsl).
>
> There appears to be a problem in that some remote name servers
> eventually 'forget' an ns record for mydomain, so if you query them,
> they will return the following:
>
> > set q=ns
> > atomic-ether.net
> Server: ns1.sonic.net
> Address: 208.201.224.11
>
> Non-authoritative answer:
> atomic-ether.net nameserver = NS2.atomic-ether.net
> atomic-ether.net nameserver = NS1.atomic-ether.net
>
> Authoritative answers can be found from:
> NS1.atomic-ether.net internet address = 209.218.202.226
>
> WHY does it only return the pointer for 'ns1.atomic-ether.net'? That
> means, in order to resolve 'ns2.atomic-ether.net', it's first got to be
> able to resolve 'atomic-ether.net', which means it can only get to
> 'ns1', which is off the air.....
Looks like ns1.sonic.net is violating RFC 2181 here, which specifies that
nameservers must not hand out partial RRsets. This is hardly surprising,
though, since apparently ns1.sonic.net is running BIND 4.9.7-REL. If you have
any clout with them, tell them to upgrade.
> The zone file for 'atomic-ether.net' is included for reference:
> @ IN SOA atomic-ether.net.
> qix.atomic-ether.net. (
> 2001010600 ; serial
> 86400 ; refresh
> 3600 ; retry
> 3600000 ; expire
> 300 ; default_ttl
> )
> @ 86400 IN NS ns1.atomic-ether.net.
> @ 86400 IN NS ns2.atomic-ether.net.
> @ IN A 127.0.0.1
Is there some legitimate purpose for pointing "atomic-ether.net" to the
loopback address?
> @ IN MX 10 ns2.atomic-ether.net.
> @ IN MX 20 core.sf.bayoffice.net.
> ns1.atomic-ether.net. IN A 209.218.202.226
> ns2.atomic-ether.net. IN A 209.218.202.227
> ns1 IN A 209.218.202.226
> ns2 IN A 209.218.202.227
> mx IN A 209.218.202.226
> www IN A 209.218.202.226
> 224 IN PTR net-209-218-202-224/27.atomic-ether.net.
Why have the above PTR without a matching forward entry?
> 226 IN PTR ns1.atomic-ether.net.
> 227 IN PTR
> ns2.atomic-ether.net.
- Kevin
More information about the bind-users
mailing list