Domain lookup only working from some DNS servers
Simon Waters
Simon at wretched.demon.co.uk
Tue Jan 21 04:16:45 UTC 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
David Aselford wrote:
> Interesting problem....
>
> The optusnet support team indicate that there is an error in
the wyari.net
> DNS configuration.
And they didn't give any hints?
Okay the two delegated names servers (dig @a.gtld-servers.net
wyari.net ns +short) are on the same network. If you don't
include the off-network server in the delegation no one will
find it when most needed - i,e, when your network is down or busy.
The server ns.internex.net.au is lame.
The domain internex.net.au has issues of it's own that could do
with resolving.
The TTL on the NS records cached at ns1.optusnet.com.au are
greater than the TTL for those records from the authoritative
servers, and since it is running BIND 9 I wondered have you
changed the wyari.net zone recently, and if so what changes? I
wonder if you had omitted the A records for the NS at some point
or similar?
I don't see any obvious show stoppers - it resolves from DNS
servers in UK fine.
The default TTL is fine, but the negative TTL for Wyari.net is
rather long. See documentation on $TTL and the meaning of the
last field of SOA.
Lots of authoritative servers involved also permit recursion,
shouldn't matter too much, but not considered best practice.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE+LMmpGFXfHI9FVgYRAjsqAKCWeGkJNVtfOxVHT8U8pRNYziyQ6gCfYgXR
e7VUmNpM2SUYbI3U9H6v/Yg=
=g3+R
-----END PGP SIGNATURE-----
More information about the bind-users
mailing list