Expire question

Barry Margolin barmar at genuity.net
Tue Apr 16 15:58:02 UTC 2002 

In article <a9hge9$bcl at pub3.rc.vix.com>,  <phn at icke-reklam.ipsec.nu> wrote:
>
>Rasmus Aaen <ra at back-bone.dk> wrote:
>
>> Hi all,
>
>> We have two nameservers responsible for our domain (byggeweb.dk). Both are
>> running BIND 8.3.1 on Win2000. The primary server is located at our office
>> and the slave is at a ISP hosting center, along with the webserver. Today
>> our office internet connection went down, and with it the connection to our
>> primary dns server. No problem, I thought; the slave name server will
>> continue resolving our domain. But alas! After about one hour the slave name
>> server expired the record, effectively shutting our website down. This is
>> what I don't understand, since the soa record for the zone has an expire
>> value of 10 days.
>
>> To get the website up again, I changed the zone type from slave to master on
>> the slave name server, which solved the problem. One of the suggestions to
>> prevent this in the future is to run both nameserves as masters, but I would
>> like to avoid having to sync the files manually.
>
>> Am I missing something, or is our name servers improperly configured?
>
>Do i understand you right : the local network with the slaveserver
>was isolated from Internet, and within one hour it lost capability
>to resolve the slave zone ?
>
>One possibility that strikes me is :
>the nameserver has a name "dns2.back-bone.dk." and the 'A' record
>for that name has teh embarrysing short TTLof one hour. Well,
>after one hour, it tries to get this info from Internet ( since it
>is not auth for "back-bone.dk." and fails. After this failure
>it's goes introverted and refuses to work. 

I think you're zoning in (no pun intended) on the problem, but I think it's
in the parent domain.  ns.dk.net doesn't seem to be giving out glue A
records for dns.back-bone.dk and dns2.back-bone.dk like it should:

% dig dns.back-bone.dk a @ns.dk.net +norec

; <<>> DiG 8.3 <<>> dns.back-bone.dk a @ns.dk.net +norec 
; (1 server found)
;; res options: init defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34465
;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
;; QUERY SECTION:
;;	dns.back-bone.dk, type = A, class = IN

;; AUTHORITY SECTION:
back-bone.dk.		1d7s IN NS	dns.back-bone.dk.
back-bone.dk.		1d7s IN NS	dns2.back-bone.dk.

;; ADDITIONAL SECTION:
dns.back-bone.dk.	56m59s IN A	130.227.165.202
dns2.back-bone.dk.	56m59s IN A	195.215.12.120

;; Total query time: 101 msec
;; FROM: tools.genuity.com to SERVER: ns.dk.net  193.88.44.42
;; WHEN: Tue Apr 16 11:55:17 2002
;; MSG SIZE  sent: 34  rcvd: 99

-- 
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.

More information about the bind-users mailing list