Domaine Non-authoritative answer
list-bind at cardiff.fr
list-bind at cardiff.fr
Wed Jul 16 14:43:14 UTC 2008
Well this is the problem, as it is supposed to be installed on
ns6.cardiffdns.fr
It is called in named.conf, and file is physically present on server....
ns2014342:~# named-checkzone cardiffusion.fr /etc/bind/cardiffusion.fr.db
zone cardiffusion.fr/IN: loaded serial 2008071501
OK
Yet, I always have Zonecheck.fr response:
SOA is not authoritative ns6.cardiffdns.fr./91.121.119.48
I know I have a problem, and am certainly not going to blame afnic for being
restrictive.
And I know the server is open recursive, as I opened it up voluntary, due to
these problems, and will close it down as soon as I'm sure domains are
resolving...
Nevertheless the object of my problem is certainly not the .fr domain, but
bind zones in general on this server...
Why is my bind server responding not-AA when all zones are inserted, that
named-checkzone answers ok on all zones, that named-checkconf -z is ok on
all zones... ??? why are the flags aa absent ???
Now tell me, what would be the normal zone or named.conf I should use that
would respond my needs... ???
Tugdual de Lassat
-----Message d'origine-----
De : bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] De la part
de Stephane Bortzmeyer
Envoyé : mercredi 16 juillet 2008 16:14
À : list-bind at cardiff.fr
Cc : bind-users at isc.org
Objet : Re: Domaine Non-authoritative answer
On Wed, Jul 16, 2008 at 03:07:48PM +0200,
list-bind at cardiff.fr <list-bind at cardiff.fr> wrote
a message of 442 lines which said:
> Cardiffusion.fr resolves to following ns's : ns4.cardiffdns.fr /
> ns2.cardiffdns.fr but is parked and will be transferred to new's dns
> as soon as soa problems are solved (afnic restrictive dns policy)
? In what way is it restrictive? What's the actual problem?
Currently, ns2.cardiffdns.fr gives the following delegation for this
domain:
ns2.cardiffdns.fr.
ns6.cardiffdns.fr.
But Cardiffusion.fr is not even installed on ns6!
% dig @ns6.cardiffdns.fr. ANY Cardiffusion.fr
; <<>> DiG 9.4.2-P1 <<>> @ns6.cardiffdns.fr. ANY Cardiffusion.fr
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21318
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 2, ADDITIONAL: 3
[No "aa" flag]
You can hardly blame AFNIC policy for such a misconfiguration!
BTW, ns6.cardiffdns.fr is an open recursive name server, which is Bad
<http://www.afnic.fr/actu/nouvelles/general/NN20060404_en>.
More information about the bind-users
mailing list