DNS "chicken-and-egg" Problem

D. Stussy spam at bde-arc.ampr.org
Thu Oct 30 22:41:28 UTC 2008 

<bsfinkel at anl.gov> wrote in message news:ged835$r82$1 at sf1.isc.org...
> To summarize this problem -
> ...
>     5) Someone (I do not remember who, and I cannot find the reply in
>        the list archives) pointed out to me that the answers I am
>        getting from UCLA are not authoritative - the "aa" flag is
>        missing.
>
> What could cause glue information (that I think is correct) in the
> ucla.edu zones to be returned to my server as not authoritative?
> I now assume that the reason that my BIND does not cache the glue is
> that the glue is not marked authoritative.  Thanks.

Because GLUE is never authoritative.  To get the authoritative address
record, you need to query the zone, not its parent.

Your server is throwing away the glue record and cannot get to the zone.
This is either a bug or a configuration error.

It works for me (using a different version of BIND not 9.5.0):

; <<>> DiG 9.5.1b1 <<>> igpp.ucla.edu a +trace
... [snipped root and edu.]
ucla.edu.               172800  IN      NS      DNS3.ucla.edu.
ucla.edu.               172800  IN      NS      DNS2.ucla.edu.
ucla.edu.               172800  IN      NS      ADNS2.BERKELEY.edu.
ucla.edu.               172800  IN      NS      DNS.ucla.edu.
;; Received 180 bytes from 192.26.92.32#53(C3.NSTLD.COM) in 72 ms

igpp.ucla.edu.          21600   IN      NS      igpp.ucla.edu.
;; Received 61 bytes from 164.67.128.1#53(DNS.ucla.edu) in 2 ms

igpp.ucla.edu.          86400   IN      A       128.97.94.1
igpp.ucla.edu.          86400   IN      NS      igpp.ucla.edu.
;; Received 61 bytes from 128.97.94.1#53(igpp.ucla.edu) in 2 ms

; <<>> DiG 9.5.1b1 <<>> igpp.ucla.edu a
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9711
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;igpp.ucla.edu.                 IN      A

;; ANSWER SECTION:
igpp.ucla.edu.          86383   IN      A       128.97.94.1

;; AUTHORITY SECTION:
igpp.ucla.edu.          21583   IN      NS      igpp.ucla.edu.

;; Query time: 2 msec
;; SERVER: ::1#53(::1)
;; WHEN: Thu Oct 30 22:36:25 2008
;; MSG SIZE  rcvd: 61

Therefore, change your version (upgrade).

More information about the bind-users mailing list