help needed
James Pratt
jpratt at norwich.edu
Fri Jun 13 02:38:17 UTC 2008
> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
> Behalf Of Kevin Darcy
> Sent: Thursday, June 12, 2008 9:46 PM
> To: bind-users at isc.org
> Subject: Re: help needed
>
> alexus wrote:
> > Hello
> >
> > One of my customers send me following output
> >
> >
> > ---------------------------------------------------------------------
> >
> >
> > Average of all 2 nameservers: 242ms (plus 361ms overhead).
> >
> > Score: F
> >
> > whats glue at parent server? i know ns1.alexus.org is registred name
> server
> > i dont understand what they meant by open DNS server....
> >
> >
> >
> "open DNS server" means it resolves queries for anyone, and can thus be
> easily (ab)used in DoS (denial of service) attacks. It's very bad, and
> should be fixed ASAP.
>
> "missing glue" means that the "com" servers don't have an A record for
> ns1.alexus.org or ns2.alexus.org. This may be because the "host" record
> wasn't properly added to the shared registry by your registrar, or it
> could just be a systemic problem because the names are in a different
> TLD (.org versus .com). All of our nameservers are in .com so I don't
> run into this issue, but I understand there are some special glue
> considerations when you cross TLDs like that.
>
>
> - Kevin
>
I would agree with Kevin's synopsis that the missing glue from .org to .com is due to different TLD's in one primary NS.. and yep.. fix that recursive dns .. it's not that hard to do, even for an amateur like myself! :\
I did find this posting helpful, as it sounds like DNS stuff's "F" report may not be as bad as it seems , or rather, a "worst-case" scenario..
http://forums.whirlpool.net.au/forum-replies-archive.cfm/575280.html
regards,
Jamie
More information about the bind-users
mailing list