TTL problem wih bind 8.3.6 cache
Matus UHLAR - fantomas
uhlar at fantomas.sk
Fri Apr 29 06:11:53 UTC 2005
> On Apr 28, 2005, at 20:23, Matus UHLAR - fantomas wrote:
> >It seems that BIND updates the NS record for the zone, as long as it came
> >in AUTHORITY section, but does NOT update the A record, because it came
> >in ADDITIONAL section. Then, in 38385 seconds, bind will know that
> >multimedia.sk is delegated to 'opal.multimedia.sk' but won't know its IP
> >address and thous won't be able even to find it.
> >
> >Can anyone tell me, if this behaviour is correct? Did I made a mistake
> >somwehere? Or, where lies the main problem, except the fact that the
> >domain really should be delegated to more servers, probably in more
> >domains?
On 28.04 22:32, Jim Reid wrote:
> There is nothing wrong with BIND's behaviour in the scenario you
> outlined. When the TTL for
> opal.multimedia.sk expires, the name will be removed from the name
> server's cache. If it is then asked for that name again, the name
> server will resolve it in precisely the same way as it resolved the
> name before it was in the cache. ie By iteratively querying the root
> (maybe) and .sk name servers, following the delegation chain.
Are you sure that BIND will query .sk TLD nameservers for opalmultimedia.sk
NS, if it has the _authoritative_ NS record for opalmultimedia.sk?
I just reproduced this behaviour:
uhlar at fantomas% dig any opalmultimedia.sk @rns3
;; ANSWER SECTION:
opalmultimedia.sk. 38108 IN MX 16 opal.opalmultimedia.sk.
;; AUTHORITY SECTION:
opalmultimedia.sk. 38108 IN NS opal.opalmultimedia.sk.
... no additional section.
uhlar at fantomas% dig www.opalmultimedia.sk @rns3
; <<>> DiG 9.2.1 <<>> www.opalmultimedia.sk @rns3
;; global options: printcmd
;; connection timed out; no servers could be reached
It seems to me, that bind is not fetching the glue records from .sk TLD.
Looking at bind dump database:
$ORIGIN sk.
opalmultimedia
38057 IN NS opal.opalmultimedia.sk. ;Cr=auth [195.168.11.130]
38057 IN MX 16 opal.opalmultimedia.sk. ;Cr=auth [195.168.11.130]
$ORIGIN opalmultimedia.sk.
mail 3241 IN CNAME opal.opalmultimedia.sk. ;Cr=auth [195.168.11.130]
ns2 47628 IN A 195.168.11.130 ;Cr=addtnl [192.108.130.33]
38038 IN CNAME opal.opalmultimedia.sk. ;Cr=auth [195.168.11.130]
ns 47628 IN A 195.168.11.130 ;NT=1 Cr=addtnl [192.108.130.33]
38038 IN CNAME opal.opalmultimedia.sk. ;Cr=auth [195.168.11.130]
Would this be different, if there were no 'ns' and 'ns2' records?
(I think that _only_ last two lines would be missing, with no difference in
the behaviour).
> The difference in TTL values you showed is because you queried
> different name servers.
I know. I added the authority data from its rigin server just for comparing.
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
WinError #98652: Operation completed successfully.
More information about the bind-users
mailing list