Bind-9 strangeness ?

phn at icke-reklam.ipsec.nu phn at icke-reklam.ipsec.nu
Mon Aug 18 23:23:47 UTC 2003 

Jonathan de Boyne Pollard <J.deBoynePollard at tesco.net> wrote:
> p>     Transaction ID: 0x2f87  ( *** NOTE 1 )
> p>     Transaction ID: 0x2f87  ( *** NOTE 1 )
> p> *** NOTE 1 ; TransactionID does not match, but these are the same question.

> It looks very much like it _does_ match.
Nope, it does not match the ID in the etherreal log, but the reason for
that is known by now (i did forget that i was observing two different
transactions :-) 

> p> *** NOTE 2 ; the answer is " 0011 = Reply code: No such name (3)"

> There's something very strange going on with one of the two
> "folkuniversitetet.se." content DNS servers.  212.73.12.10 publishes
> "no such name" errors for "folkuniversitetet.se." in response to 
> certain query types but not in response to others.  It also publishes 
> some resource record sets with TTLs of over 30 years.

> p> bind-8 does not seem to be affected by this.

> It probably just happened to pick the other server.

Nope, bind-8 seems unaffected IN THE SAME CIRCOMSTANCES ( where the only 
remaining nameserver answers "0011 = Reply code: No such name" ). While
bind-9 seems to erase all glue from it's cache bind-8 seems to keep glue
and thus be able to answer with existing cached data the next time a
question arrives.

The failing nameserver is a netware, and it seems to be a known problem
that it answers NXDOMAIN when in fact NOERR + #answers=0 should be the
correct one. 

My question is that although a nameservers has received "bad data" bind-8
seems to take less damage( and thus continue to be able to function) then
bind-9 ( who will flush it's memory for everything connected to the
bad data). From a functional standpoint, bind-8 will allow "wheels to turn"
while bind-9 will block the same wheels.
Why should bind-9 behaviour be considered "better" ?




-- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.

More information about the bind-users mailing list