Glue records cached, when they should be coming from zone

Tuomas Toropainen tuomas.toropainen at lanwan.fi
Tue Nov 20 15:11:39 UTC 2007 

Hello

Kevin Darcy wrote:
> ns.lanwan.fi is *not* from the child zone, so you're authoritative for 
> it and the TTL does not decrease.

It is not that simple. Look at this, ns1.ar.lanwan.fi vs. ns2.ar.lanwan.fi:

 >> The problem is clearly visible in this dig query. Look at the TTL of
 >> ns1.ar.lanwan.fi A record. Why does ns2.ar.lanwan.fi have constant
 >> default TTL while ns1 TTL is decrementing?
 >>
 >> ---8<---
 >> $ dig ns ar.lanwan.fi. @ns.lanwan.fi.
 >>
 >> ; <<>> DiG 9.3.4 <<>> ns ar.lanwan.fi. @ns.lanwan.fi.
 >> ; (1 server found)
 >> ;; global options:  printcmd
 >> ;; Got answer:
 >> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1484
 >> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
 >>
 >> ;; QUESTION SECTION:
 >> ;ar.lanwan.fi.                  IN      NS
 >>
 >> ;; AUTHORITY SECTION:
 >> ar.lanwan.fi.           86400   IN      NS      ns2.ar.lanwan.fi.
 >> ar.lanwan.fi.           86400   IN      NS      ns1.ar.lanwan.fi.
 >>
 >> ;; ADDITIONAL SECTION:
 >> ns1.ar.lanwan.fi.       32535   IN      A       213.255.168.10
 >> ns2.ar.lanwan.fi.       86400   IN      A       213.255.168.20
 >>
 >> ;; Query time: 4 msec
 >> ;; SERVER: 213.255.190.40#53(213.255.190.40)
 >> ;; WHEN: Mon Nov 12 14:57:48 2007
 >> ;; MSG SIZE  rcvd: 98
 >> ---8<---


> My question is: why do you characterize this as a "problem"? Seems to me 
> everything is working as designed.

Because I have received several automated emails from our local .fi 
registry complaining that lanwan.fi. zone is not correctly configured in 
ns.lanwan.fi. The specific problem is the occasional lack of 
ns1.ar.lanwan.fi and/or ns2.ar.lanwan.fi glue records.

>> ---8<---
>> $ dig ns lanwan.fi. @ns.lanwan.fi.
>>
>> ; <<>> DiG 9.3.4 <<>> ns lanwan.fi. @ns.lanwan.fi.
>> ; (1 server found)
>> ;; global options:  printcmd
>> ;; Got answer:
>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1313
>> ;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 2
>>
>> ;; QUESTION SECTION:
>> ;lanwan.fi.                     IN      NS
>>
>> ;; ANSWER SECTION:
>> lanwan.fi.              86400   IN      NS      ns2.ar.lanwan.fi.
>> lanwan.fi.              86400   IN      NS      ns.lanwan.fi.
>> lanwan.fi.              86400   IN      NS      ns1.ar.lanwan.fi.
>>
>> ;; ADDITIONAL SECTION:
>> ns.lanwan.fi.           86400   IN      A       213.255.190.40
>> ns1.ar.lanwan.fi.       47998   IN      A       213.255.168.10
>>
>> ;; Query time: 4 msec
>> ;; SERVER: 213.255.190.40#53(213.255.190.40)
>> ;; WHEN: Tue Nov 13 10:40:05 2007
>> ;; MSG SIZE  rcvd: 115
>> ---8<---

There should be A record for ns2.ar.lanwan.fi too, shouldn't there? Why 
is it not there? What can I do to fix that?

BR,
Tuomas

More information about the bind-users mailing list