TTL problem wih bind 8.3.6 cache

Thu Apr 28 22:47:30 UTC 2005

> Hello,
> 
> I have set up bind 8.3.6 (FreeBSD 4.9) and I have a problem with its caching
> features.
> 
> There is a domain opalmultimedia.sk, delegated to IP 195.168.11.130, for
> which bind sometimes forgets the delegation data - it knows the NS RR, but
> forgets the A RR.
> 
> (yes, there are some problems with the delegation, but I don't think they
> are causing my problem)
> 
> It happens, when I restart the server and first I ask for
> 'A www.opalmultimedia.sk' and then for 'MX opalmultimedia.sk':
> 
> uhlar at fantomas% dig www.opalmultimedia.sk @rns3
> 
> ;; ANSWER SECTION:
> www.opalmultimedia.sk.  38400   IN      CNAME   opal.opalmultimedia.sk.
> opal.opalmultimedia.sk. 38400   IN      A       195.168.11.130
> 
> ;; AUTHORITY SECTION:
> opalmultimedia.sk.      38400   IN      NS      opal.opalmultimedia.sk.
> 
> ;; ADDITIONAL SECTION:
> opal.opalmultimedia.sk. 38400   IN      A       195.168.11.130
> 
> uhlar at fantomas% dig mx opalmultimedia.sk @rns3
> 
> ;; ANSWER SECTION:
> opalmultimedia.sk.      38400   IN      MX      16 opal.opalmultimedia.sk.
> 
> ;; AUTHORITY SECTION:
> opalmultimedia.sk.      38400   IN      NS      opal.opalmultimedia.sk.
> 
> ;; ADDITIONAL SECTION:
> opal.opalmultimedia.sk. 38385   IN      A       195.168.11.130
>                         ^^^^^
>                         |||||
> It seems that BIND updates the NS record for the zone, as long as it came in
> AUTHORITY section, but does NOT update the A record, because it came in
> ADDITIONAL section. Then, in 38385 seconds, bind will know that
> multimedia.sk is delegated to 'opal.multimedia.sk' but won't know its IP
> address and thous won't be able even to find it.
> 
> Can anyone tell me, if this behaviour is correct? Did I made a mistake
> somwehere? Or, where lies the main problem, except the fact that the domain
> really should be delegated to more servers, probably in more domains? 
> 
> Thank you.
> 
> 
> I'm pasting records the server 195.168.11.130 returns, they seem OK to me.
> 
> uhlar at fantomas% dig www.opalmultimedia.sk @195.168.11.130
>                         
> ;; ANSWER SECTION:
> www.opalmultimedia.sk.  38400   IN      CNAME   opal.opalmultimedia.sk.
> opal.opalmultimedia.sk. 38400   IN      A       195.168.11.130
> 
> ;; AUTHORITY SECTION:
> opalmultimedia.sk.      38400   IN      NS      opal.opalmultimedia.sk.
> 
> uhlar at fantomas% dig mx opalmultimedia.sk @195.168.11.130
> 
> ;; ANSWER SECTION:
> opalmultimedia.sk.      38400   IN      MX      16 opal.opalmultimedia.sk.
> 
> ;; AUTHORITY SECTION:
> opalmultimedia.sk.      38400   IN      NS      opal.opalmultimedia.sk.
> 
> ;; ADDITIONAL SECTION:
> opal.opalmultimedia.sk. 38400   IN      A       195.168.11.130
> 
> 
> -- 
> Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> WinError #99999: Out of error messages.

	Fix your delegation.  The NS RRset differ between parent and
	child.

	Note nameservers cannot be CNAMES which ns.opalmultimedia.sk
	and ns2.opalmultimedia.sk are.
	
	Mark

opalmultimedia.sk.      86400   IN      NS      ns.opalmultimedia.sk.
opalmultimedia.sk.      86400   IN      NS      ns2.opalmultimedia.sk.
;; Received 107 bytes from 2001:610:240:0:53::193#53(NS.RIPE.NET) in 330 ms

opalmultimedia.sk.      38400   IN      NS      opal.opalmultimedia.sk.
;; Received 70 bytes from 195.168.11.130#53(ns.opalmultimedia.sk) in 719 ms

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org