Dig shows wrong ip
Chris Thompson
cet1 at cam.ac.uk
Thu Jul 30 10:11:40 UTC 2009
On Jul 30 2009, Danny Mayer wrote:
>Chris Thompson wrote:
>> On Jul 28 2009, sthaug at nethelp.no wrote:
>>
>>> % dig +short a dns3.potomacnetworks.com @a.gtld-servers.net
>>> 216.250.243.230
>>>
>>> As long as that host record exists, with an IP different from what
>>> your authoritative servers reply with, you are going to have problems,
>>> because queries will be answered by the GTLD servers and not your own
>>> authoritative servers.
>>
>> This is the wretched "glue promoted to answer" bug (we can call it a
>> bug by now, surely?) which we are assured that the GTLD servers will
>> be cured of this year, next year, sometime, or ...
>>
>> ... well, they will have to fix it before they can roll out DNSSEC,
>> won't they?
>
>No. The op always needs to notify the Registrar of their domain when the
>address of any of their nameservers changes. That has always been a
>requirement.
You are misinterpreting what I said. Of course erroneous glue needs to be
corrected. But there is no need for the servers to return IP addresses
provided for glue as an *answer* to a query, as the *.gtld-servers.net ones
do, rather than giving a proper referral. (At least their answers are not
marked authoritative, unlike those from some other nameservers.)
On Jul 30 2009, Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote:
> Not all the GTLD servers, only .com and .net.
(And edu, if you count that as a GTLD.) I should perhaps have made
it clearer that I meant "the servers called *.gtld-servers.net",
rather than "all servers for 'generic' top-level domains".
--
Chris Thompson
Email: cet1 at cam.ac.uk
More information about the bind-users
mailing list