BIND 8 data loss problem
Mark Andrews
Mark_Andrews at isc.org
Thu Feb 17 21:43:14 UTC 2005
> The NS records in the response have been moved from the Answer Section
> to the Authority Section, which makes more sense since the response is
> effectively a referral. See
>
> 1461. [func] return referrals for glue (NS/A/AAAA) if
> recursion is
> disabled (recursion no;).
>
> in the src/CHANGES file.
>
> If you want to provide an actual *answer* to that question, then you
> either need to recurse for it (which would require loosening your
> recursion settings) or be authoritative (i.e. a slave) for the zone.
> It's possible you might be able to accomplish this by defining the child
> as a "stub" zone, but I don't have a working installation of 8.4.6 to be
> able to confirm or deny this...
>
>
> - Kevin
Note also this is a authorative only server (recursion no;).
End systems are not expected to query this directly but
rather through a iterative resolver. A iterative resolver will
follow the referral and get the NS records from the slave.
> Ann James wrote:
>
> >Hi,
> >
> >I am trying to replace older BIND versions 8.2.2 and 8.2.7 with 8.4.6 on
> >a Solaris8 platform. The 8.2 packages were built by someone else and I
> >do not have their build environment.
> >
> >I am building 8.4.6 on a Solaris8 platform and it appears to work fine.
> > But I'm am experiencing data loss for certain records. I have also
> >tried 8.4.5 and had the same results as 8.4.6. I'm using the standard
> >out of the box compile.
> >
> >Here are some of the RRs I am having trouble with:
> >
> >wood.schc.meed.zaboo.org. NS woodaa.schc.meed.zaboo.org.
> >wood.schc.meed.zaboo.org. NS woodab.schc.meed.zaboo.org.
> >17.88.82.166.in-addr.arpa. PTR wood.schc.meed.zaboo.org.
> >
> >This happens about 300 times throughout the data, all RRs setup with
> >both PTR and NS to the same FQDN. In this case wood.schc.meed.zaboo.org.
> >
> >Under 8.4.6 when I dig for PTR records I get 1 answer as expected.
> >Under 8.2.2 / 8.2.7 when I dig for PTR records I get 1 answer as expected.
> >
> >Under 8.4.6 when I dig for NS records I get 0 answers.
> >Under 8.2.2 & 8.2.7 when I dig for NS records I get the expected response.
> >
> >Why won't BIND 8.4.6 provide an authoritative answer for these records?
> > It is a customer's data and they are reluctant to change it. This data
> >is a private namespace behind a firewall.
> >
> >I have whittled the data down to the bare minimum required to reproduce
> >the problem. I've attached below the conf and db files, dig results
> >from both servers and syslog messages logged by both servers. Sorry for
> >the long post.
> >
> >Any help would be greatly appreciated. I'm at a loss right now.
> >
> >Ann
> >
> >-------------- File: named.conf --------------
> >controls {
> > inet 127.0.0.1 port 953 allow { localhost; };
> >};
> >
> >options {
> > directory "/opt/test";
> >
> > fetch-glue no;
> > multiple-cnames yes;
> >
> > recursion no;
> >
> > check-names master ignore;
> > check-names response ignore;
> > check-names slave ignore;
> >
> > allow-transfer { any; };
> > allow-query { any; };
> >
> > auth-nxdomain yes;
> > rrset-order { order fixed; };
> >
> > files unlimited;
> > notify no;
> >
> > dump-file "/var/test/dump.db";
> > statistics-file "/var/test/stats";
> >
> > version "RESTRICTED";
> >
> > statistics-interval 30;
> >
> > query-source address * port 53;
> >};
> >
> >logging {
> > channel ns_syslog {
> > syslog daemon;
> > severity info;
> > };
> > channel ns_queries {
> > file "/var/test/queries" size 300M;
> > print-time yes;
> > severity dynamic;
> > };
> > channel ns_security {
> > file "/var/test/security" size 30M;
> > print-time yes;
> > print-category yes;
> > print-severity yes;
> > severity notice;
> > };
> > channel ns_stats {
> > file "/var/test/stats" size 300M;
> > print-time yes;
> > severity info;
> > };
> > channel ns_cname {
> > file "/var/test/cname" size 300M;
> > print-time yes;
> > severity info;
> > };
> > channel ns_lame {
> > file "/var/test/lame" size 300M;
> > print-time yes;
> > severity info;
> > };
> > channel ns_debug {
> > file "/var/test/debug" size 300M;
> > print-time yes;
> > print-category yes;
> > print-severity yes;
> > severity dynamic;
> > };
> > channel ns_default {
> > file "/var/test/syslog" versions 3 size 100M;
> > print-time yes;
> > severity info;
> > };
> >
> > category default { ns_default; ns_debug; };
> >
> > category statistics { ns_stats; };
> > category queries { ns_queries; };
> > category cname { ns_cname; };
> > category lame-servers { ns_lame; };
> > category panic { default_syslog; default_stderr; ns_debug; };
> > category xfer-in { ns_default; };
> > category xfer-out { ns_default; };
> > category security { ns_default; };
> > category packet { ns_debug; };
> > category update { ns_default; };
> >};
> >
> >zone "schc.meed.zaboo.org" in {
> > type master;
> > file "db.schc.meed.zaboo.org";
> > check-names warn;
> > notify no;
> >};
> >
> >zone "82.166.in-addr.arpa" in {
> > type master;
> > file "db.82.166.in-addr.arpa";
> > check-names warn;
> > notify no;
> >};
> >
> >//zone "." in {
> >// type hint;
> >// file "db.cache";
> >//};
> >
> >zone "0.0.127.in-addr.arpa" in {
> > type master;
> > file "db.127.0.0";
> >};
> >
> >-------------- File: db.schc.meed.zaboo.org --------------
> >;===========================================================================
> >; Addresses and other host information for zone: schc.meed.zaboo.org
> >;===========================================================================
> >@ IN SOA ns13.zaboo.org. dns.meed.zaboo.org. (
> > 1786 ; Serial No.
> > 3600 ; Refresh
> > 900 ; Retry
> > 604800 ; Expire
> > 86400 ) ; Default TTL
> >;
> > IN NS ns13.zaboo.org.
> > IN NS ns11.zaboo.org.
> > IN NS ns12.zaboo.org.
> >
> >wood.schc.meed.zaboo.org. IN NS woodaa.schc.meed.zaboo.org.
> >wood.schc.meed.zaboo.org. IN NS woodab.schc.meed.zaboo.org.
> >
> >;*************
> >; A records
> >;*************
> >woodab 86400 IN A 166.82.88.17
> >woodaa IN A 166.82.88.18
> >
> >woodab.schc.meed.zaboo.org. 86400 IN MX 10 WOODAB.schc.meed.zaboo.org.
> >woodaa.schc.meed.zaboo.org. 86400 IN MX 10 WOODAA.schc.meed.zaboo.org.
> >
> >-------------- File: db.82.166.in-addr.arpa --------------
> >;===========================================================================
> >; Reverse Addresses (PTR Records) for zone: 82.166.in-addr.arpa
> >;===========================================================================
> >@ IN SOA ns13.zaboo.org. dns.meed.zaboo.org. (
> > 1891 ; Serial No.
> > 3600 ; Refresh
> > 900 ; Retry
> > 604800 ; Expire
> > 86400 ) ; Default TTL
> >;
> > IN NS ns13.zaboo.org.
> > IN NS ns11.zaboo.org.
> > IN NS ns12.zaboo.org.
> >;
> >;**************
> >; PTR records
> >;**************
> >18.88 IN PTR wood.schc.meed.zaboo.org.
> >17.88 IN PTR wood.schc.meed.zaboo.org.
> >
> >18.88 IN PTR woodaa.schc.meed.zaboo.org.
> >17.88 86400 IN PTR woodab.schc.meed.zaboo.org.
> >
> >-------------- File: db.127.0.0 --------------
> >;===========================================================================
> >; Local server zone information: 0.0.127.in-addr.arpa
> >;===========================================================================
> >@ IN SOA ns13.zaboo.org. dnsadmin.zaboo.org. (
> > 1 ; Serial No.
> > 21600 ; Refresh
> > 3600 ; Retry
> > 604800 ; Expire
> > 86400 ) ; Default TTL
> >;
> > IN NS ns13.zaboo.org.
> >1 IN PTR localhost.
> >
> >-------------- File: 846.dig.out --------------
> ># dig @127.0.0.1 NS wood.schc.meed.zaboo.org.
> >
> >; <<>> DiG 8.4 <<>> @127.0.0.1 NS wood.schc.meed.zaboo.org.
> >; (1 server found)
> >;; res options: init recurs defnam dnsrch no-nibble2
> >;; got answer:
> >;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15533
> >;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
> >;; QUERY SECTION:
> >;; wood.schc.meed.zaboo.org, type = NS, class = IN
> >
> >;; AUTHORITY SECTION:
> >wood.schc.meed.zaboo.org. 1D IN NS woodaa.schc.meed.zaboo.org.
> >wood.schc.meed.zaboo.org. 1D IN NS woodab.schc.meed.zaboo.org.
> >
> >;; ADDITIONAL SECTION:
> >woodaa.schc.meed.zaboo.org. 1D IN A 166.82.88.18
> >woodab.schc.meed.zaboo.org. 1D IN A 166.82.88.17
> >
> >;; Total query time: 4 msec
> >;; FROM: ns01 to SERVER: 127.0.0.1
> >;; WHEN: Thu Feb 17 15:50:55 2005
> >;; MSG SIZE sent: 42 rcvd: 116
> >
> ># dig @127.0.0.1 PTR 17.88.82.166.in-addr.arpa.
> >
> >; <<>> DiG 8.4 <<>> @127.0.0.1 PTR 17.88.82.166.in-addr.arpa.
> >; (1 server found)
> >;; res options: init recurs defnam dnsrch no-nibble2
> >;; got answer:
> >;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29999
> >;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 0
> >;; QUERY SECTION:
> >;; 17.88.82.166.in-addr.arpa, type = PTR, class = IN
> >
> >;; ANSWER SECTION:
> >17.88.82.166.in-addr.arpa. 1D IN PTR wood.schc.meed.zaboo.org.
> >17.88.82.166.in-addr.arpa. 1D IN PTR woodaa.schc.meed.zaboo.org.
> >
> >;; AUTHORITY SECTION:
> >82.166.in-addr.arpa. 1D IN NS ns13.zaboo.org.
> >82.166.in-addr.arpa. 1D IN NS ns11.zaboo.org.
> >82.166.in-addr.arpa. 1D IN NS ns12.zaboo.org.
> >
> >;; Total query time: 3 msec
> >;; FROM: ns01 to SERVER: 127.0.0.1
> >;; WHEN: Thu Feb 17 15:51:08 2005
> >;; MSG SIZE sent: 43 rcvd: 159
> >
> >-------------- File: 827.dig.out --------------
> ># dig @127.0.0.1 NS wood.schc.meed.zaboo.org.
> >
> >; <<>> DiG 8.4 <<>> @127.0.0.1 NS wood.schc.meed.zaboo.org.
> >; (1 server found)
> >;; res options: init recurs defnam dnsrch no-nibble2
> >;; got answer:
> >;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59378
> >;; flags: qr rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
> >;; QUERY SECTION:
> >;; wood.schc.meed.zaboo.org, type = NS, class = IN
> >
> >;; ANSWER SECTION:
> >wood.schc.meed.zaboo.org. 1D IN NS woodaa.schc.meed.zaboo.org.
> >wood.schc.meed.zaboo.org. 1D IN NS woodab.schc.meed.zaboo.org.
> >
> >;; ADDITIONAL SECTION:
> >woodaa.schc.meed.zaboo.org. 1D IN A 166.82.88.18
> >woodab.schc.meed.zaboo.org. 1D IN A 166.82.88.17
> >
> >;; Total query time: 3 msec
> >;; FROM: ns01 to SERVER: 127.0.0.1
> >;; WHEN: Thu Feb 17 15:48:22 2005
> >;; MSG SIZE sent: 42 rcvd: 116
> >
> ># dig @127.0.0.1 PTR 17.88.82.166.in-addr.arpa.
> >
> >; <<>> DiG 8.4 <<>> @127.0.0.1 PTR 17.88.82.166.in-addr.arpa.
> >; (1 server found)
> >;; res options: init recurs defnam dnsrch no-nibble2
> >;; got answer:
> >;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17127
> >;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 0
> >;; QUERY SECTION:
> >;; 17.88.82.166.in-addr.arpa, type = PTR, class = IN
> >
> >;; ANSWER SECTION:
> >17.88.82.166.in-addr.arpa. 1D IN PTR wood.schc.meed.zaboo.org.
> >17.88.82.166.in-addr.arpa. 1D IN PTR woodaa.schc.meed.zaboo.org.
> >
> >;; AUTHORITY SECTION:
> >82.166.in-addr.arpa. 1D IN NS ns13.zaboo.org.
> >82.166.in-addr.arpa. 1D IN NS ns11.zaboo.org.
> >82.166.in-addr.arpa. 1D IN NS ns12.zaboo.org.
> >
> >;; Total query time: 3 msec
> >;; FROM: ns01 to SERVER: 127.0.0.1
> >;; WHEN: Thu Feb 17 15:49:01 2005
> >;; MSG SIZE sent: 43 rcvd: 159
> >
> >-------------- File: logs/846/syslog --------------
> >17-Feb-2005 15:50:44.141 Zone "schc.meed.zaboo.org" (file
> >db.schc.meed.zaboo.org): No default TTL ($TTL <value>) set, using SOA
> >minimum instead
> >17-Feb-2005 15:50:44.143 master zone "schc.meed.zaboo.org" (IN) loaded
> >(serial 1786)
> >17-Feb-2005 15:50:44.144 Zone "82.166.in-addr.arpa" (file
> >db.82.166.in-addr.arpa): No default TTL ($TTL <value>) set, using SOA
> >minimum instead
> >17-Feb-2005 15:50:44.144 master zone "82.166.in-addr.arpa" (IN) loaded
> >(serial 1891)
> >17-Feb-2005 15:50:44.145 Zone "0.0.127.in-addr.arpa" (file db.127.0.0):
> >No default TTL ($TTL <value>) set, using SOA minimum instead
> >17-Feb-2005 15:50:44.145 master zone "0.0.127.in-addr.arpa" (IN) loaded
> >(serial 1)
> >17-Feb-2005 15:50:44.152 listening on [127.0.0.1].53 (lo0)
> >17-Feb-2005 15:50:44.162 Forwarding source address is [::].37248
> >17-Feb-2005 15:50:44.163 Forwarding source address is [0.0.0.0].53
> >17-Feb-2005 15:50:44.181 Ready to answer queries.
> >17-Feb-2005 15:52:44.395 named shutting down
> >
> >-------------- File: logs/827/syslog --------------
> ># cat logs/827/syslog
> >17-Feb-2005 15:47:29.225 Zone "schc.meed.zaboo.org" (file
> >db.schc.meed.zaboo.org): No default TTL set using SOA minimum instead
> >17-Feb-2005 15:47:29.228 master zone "schc.meed.zaboo.org" (IN) loaded
> >(serial 1786)
> >17-Feb-2005 15:47:29.228 Zone "82.166.in-addr.arpa" (file
> >db.82.166.in-addr.arpa): No default TTL set using SOA minimum instead
> >17-Feb-2005 15:47:29.229 master zone "82.166.in-addr.arpa" (IN) loaded
> >(serial 1891)
> >17-Feb-2005 15:47:29.230 Zone "0.0.127.in-addr.arpa" (file db.127.0.0):
> >No default TTL set using SOA minimum instead
> >17-Feb-2005 15:47:29.231 master zone "0.0.127.in-addr.arpa" (IN) loaded
> >(serial 1)
> >17-Feb-2005 15:47:29.236 listening on [127.0.0.1].53 (lo0)
> >17-Feb-2005 15:47:29.248 Forwarding source address is [0.0.0.0].53
> >17-Feb-2005 15:47:29.278 Ready to answer queries.
> >17-Feb-2005 15:47:29.279 i_sysop: nlookup error on ?, db.cache file is
> >missing or empty
> >17-Feb-2005 15:49:47.858 named shutting down
> >
> >
> >
> >
> >
> >
> >
>
>
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list