Is my BIND Server's Cache Poisioned ?
Barry Margolin
barmar at alum.mit.edu
Thu Jun 30 03:47:08 UTC 2005
In article <d9vige$jp6$1 at sf1.isc.org>, Joe Shen <joe_hznm at yahoo.com.sg>
wrote:
> Hi,
>
> I met a strange problem with my cache server, which
> runs BIND9.3.1.
>
> In past days, our customers complaint that three
> domain names (www.hangzhou.gov.cn, www.zpepc.com.cn)
> could not be resolved frequently. I checked on the
> cache server and found, when the cache server could
> not resolve www.hangzhou.gov.cn (www.zpepc.com.cn) I
> can solve the problem by running "rndc flush".
>
> The debugging output of named process has the
> following output when it could not resolve
> www.hangzhou.gov.cn.
>
> Do that mean my cache server is poisioned for these
> two domain name?
The authoritative servers for the hangzhou.gov.cn domain do not have A
records for the nameserver hostnames.
The NS records for zpepc.com.cn are aliases rather than primary
hostnames. This can cause problems like this.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
More information about the bind-users
mailing list