Moving DNS out of non-cooperative provider
Mark Andrews
marka at isc.org
Tue Jun 19 03:42:42 UTC 2012
In message <barmar-1243EA.23293818062012 at news.eternal-september.org>, Barry Mar
golin writes:
> In article <mailman.1077.1340076168.63724.bind-users at lists.isc.org>,
> Mark Andrews <marka at isc.org> wrote:
>
> > In message <4FDF631A.4060405 at brandeis.edu>, John Miller writes:
> > > Hi Alexander,
> > >
> > > We've actually run into this before. Once upon a time, RCN cable used
> > > to run some slave servers for us, but we've long since moved away from
> > > them, including zone transfers. We yanked them from our registrar a
> > > long time ago, and life was good. For whatever reason, RCN's still
> > > answering queries for brandeis.edu.
> > >
> > > As others have mentioned, change your DNS servers with your domain
> > > registrar, and you'll be fine.
> > >
> > > John
> >
> > And if there is another zone with a CNAME to a brandeis.edu domain
> > on those servers the clients will be getting old data. As you have
> > no control over creation of CNAMEs in other zones I would suggest
> > that you send them a Cease and Decist notice if they are still doing
> > it.
>
> Aren't client nameservers supposed to ignore the extra records from the
> server following the CNAME, since the brandeis.edu zone isn't delegated
> to those servers?
There is no RFC requirement to do so though it is a good strategy
to prevent cache poisoning. Named restarts the query after processing
the CNAME. There are still caches which will accept the records
following the CNAME. Stub clients will always accept the data but
they shouldn't be pointing at authoritative servers for third party
data.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list