More 8.3.3 EDNS weirdness
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Fri Jul 12 00:37:59 UTC 2002
>
> Ok, here is another weird one. I had users complaining that they could not
> get to a site, even though it worked from "other places." I took a look at
> their name servers, this time, I remembered to add the +dnssec option to
> dig in order to determine that it was indeed an edns problem. The other
> site was using BIND 8.2.3, so I contacted them and suggested that they
> upgrade to 8.3.3 as well, and they did.
>
> Now it's a couple days later, and I'm still getting complaints. So, I test
> their machines, and sure enough, they are running 8.3.3. Then I test the
> lookups with dig logged into my resolvers, with and without +dnssec, and
> it works just fine. However, my resolvers still time out when I query THEM
> for information about the zone. So, thinking that maybe something got
> "stuck" in the cache regarding those name servers, I tried stopping and
> restarting one of my resolvers to see if that helps, and voila. Now I can
> look up names in that zone all day long.
>
> So, is there something weird going on in 8.3.3, or am I just cursed? :)
>
Doug you know better than to ask a question like this. Given
the number of ways people muck up their DNS configurations
its impossible to say what was wrong.
Mark
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list