More 8.3.3 EDNS weirdness
Doug Barton
DougB at DougBarton.net
Thu Jul 11 22:49:14 UTC 2002
Ok, here is another weird one. I had users complaining that they could not
get to a site, even though it worked from "other places." I took a look at
their name servers, this time, I remembered to add the +dnssec option to
dig in order to determine that it was indeed an edns problem. The other
site was using BIND 8.2.3, so I contacted them and suggested that they
upgrade to 8.3.3 as well, and they did.
Now it's a couple days later, and I'm still getting complaints. So, I test
their machines, and sure enough, they are running 8.3.3. Then I test the
lookups with dig logged into my resolvers, with and without +dnssec, and
it works just fine. However, my resolvers still time out when I query THEM
for information about the zone. So, thinking that maybe something got
"stuck" in the cache regarding those name servers, I tried stopping and
restarting one of my resolvers to see if that helps, and voila. Now I can
look up names in that zone all day long.
So, is there something weird going on in 8.3.3, or am I just cursed? :)
--
"We have known freedom's price. We have shown freedom's power.
And in this great conflict, ... we will see freedom's victory."
- George W. Bush, President of the United States
State of the Union, January 28, 2002
Do YOU Yahoo!?
More information about the bind-users
mailing list