Stale MX Records

[Brad Knowles]

At 5:07 PM -0400 6/15/01, Kris Haight wrote:

>  As far as the cacheing... How do I fix this?

	In the global "options" section in /etc/named.conf, add a line 
that says "recursion no;".

>  See my log cut and pastes below.

	Okay, I'll look at them.

>  Okay. I might just take DNS1.NHVT.NET out of the loop. It was orginally in
>  there just because it was some other provider besides here at the office
>  just incase my T1 goes down.

	It's a good idea to have a secondary nameserver that is outside 
of your own network.  However, it seems to me that you need to get 
the problems straightened out with your own servers, before you open 
up the zone to external servers which you may have little or no 
control over.

>  Here are my cut and pastes from my log files from the NS.MINDSPRUNG.NET
>  server. I dont know exactly what you are looking for, but here's the best I
>  can do.

	Let's look:

>  Jun 15 16:28:57 latte named[32668]: starting.  named 8.2.2-P7 Fri Nov 10
>  11:12:53 EST 2000
>  ^Iprospector at porky.devel.redhat.com:/usr/src/bs/BUILD/bind-8.2.2_P7/src/bin/
>  named
>  Jun 15 16:28:57 latte named[32668]: hint zone "" (IN) loaded (serial 0)
>  Jun 15 16:28:58 latte named[32668]: slave zone "fs.mindsprung.net" (IN)
>  loaded (serial 2001043002)
>  Jun 15 16:28:58 latte named[32668]: slave zone "firespout.com" (IN) loaded
>  (serial 2001050901)
>  Jun 15 16:28:58 latte named[32668]: listening on [208.176.94.126].53 (eth1)
>  Jun 15 16:28:58 latte named[32668]: Forwarding source address is
>  [0.0.0.0].1073
>  Jun 15 16:28:58 latte named.ext: named.ext startup succeeded
>  Jun 15 16:28:58 latte named[32669]: group = 25
>  Jun 15 16:28:58 latte named[32669]: user = named
>  Jun 15 16:28:58 latte named[32669]: Ready to answer queries.

	Hmm.  I don't see anything here that would give an indication as 
to why this machine would be answering non-authoritatively.  It seems 
to have loaded the zone fine, and there doesn't seem to be anything 
else shown.

>  I dont want to paste the entire log to you since it would be pages and pages
>  of stuff. I host several domains on the NS.MINDSPRUNG.NET server. I cant
>  seem to see any else in the log that would be apparent to the firespout.com
>  domain at all. I also dont know what you're looking for either.

	Problem is, we don't really know what we're looking for, either. 
However, it usually leaps out at you when you see the log entries.

	I'd say that if there was anything that said "non-authoritative" 
or "exceeded" in the log files, that might help us figure out what's 
happening and why.

-- 
Brad Knowles, <brad.knowles at skynet.be>

/*        efdtt.c  Author:  Charles M. Hannum <root at ihack.net>          */
/*       Represented as 1045 digit prime number by Phil Carmody         */
/*     Prime as DNS cname chain by Roy Arends and Walter Belgers        */
/*                                                                      */
/*     Usage is:  cat title-key scrambled.vob | efdtt >clear.vob        */
/*   where title-key = "153 2 8 105 225" or other similar 5-byte key    */

dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}'