Trouble With One Domain
Hauke Lampe
list+bindusers at hauke-lampe.de
Thu Jun 25 21:21:12 UTC 2009
bsfinkel at anl.gov wrote:
> There are problems accessing this domain from the Internet, and I cannot
> determine what the problem is. I have no trouble from Argonne, as the
> domain is slaved on all of my servers. I do not see any problem with
> the delegations, but I may be missing something. When I go to
I get SERVFAIL responses from BIND resolvers while Unbound returns an
answer. I think CNAMEs in your delegation could be the cause:
| IllinoisAcceleratorInstitute.org. 86400 IN NS dns1.aps.anl.gov.
| IllinoisAcceleratorInstitute.org. 86400 IN NS dns2.aps.anl.gov.
| dns1.aps.anl.gov. 86400 IN CNAME t1dns1.aps.anl.gov.
| dns2.aps.anl.gov. 86400 IN CNAME t1dns2.aps.anl.gov.
There was a thread about those, just a few days ago on another list:
https://lists.dns-oarc.net/pipermail/dns-operations/2009-June/004126.html
|> Does anyone have any knowledge of how well currently deployed DNS
|> caches handle NS records pointing to names with CNAME records?
|
| named fails them deliberately because they cannot work
| at the theoretical level for all delegation. You need
| to change the additional section processing rules for
| them to work.
Hauke.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20090625/a887210b/attachment.bin>
More information about the bind-users
mailing list