Slave zero-TTL on CNAMES
Reindl Harald
h.reindl at thelounge.net
Thu Jun 5 15:21:47 UTC 2014
what the hell invents "$TTL 0 ; 0 seconds" lines before
each CNAME block while on the master there is exactly
one TTL line with 86400 on top of the file?
_____________________________________________________________________________
master-zone:
[root at ns2:~]$ cat /var/named/chroot/var/named/zones/rhsoft.net.dns | grep TTL
$TTL 86400
3600 ; Negative-TTL
[root at ns2:~]$ cat /var/named/chroot/var/named/zones/rhsoft.net.dns | grep TTL | wc -l
2
_____________________________________________________________________________
slave:
[root at ns1:~]$ cat /var/named/chroot/var/named/slaves/rhsoft.net.dns | grep TTL
$TTL 86400 ; 1 day
$TTL 0 ; 0 seconds
$TTL 86400 ; 1 day
$TTL 0 ; 0 seconds
$TTL 86400 ; 1 day
$TTL 0 ; 0 seconds
$TTL 86400 ; 1 day
$TTL 0 ; 0 seconds
[root at ns1:~]$ cat /var/named/chroot/var/named/slaves/rhsoft.net.dns
$ORIGIN .
$TTL 86400 ; 1 day
rhsoft.net IN SOA ns2.thelounge.net. hostmaster.thelounge.net. (
1226095186 ; serial
3600 ; refresh (1 hour)
1800 ; retry (30 minutes)
1814400 ; expire (3 weeks)
3600 ; minimum (1 hour)
)
NS ns2.thelounge.net.
NS ns1.thelounge.net.
A 91.118.73.4
MX 10 barracuda.thelounge.net.
TXT "v=spf1 ip4:91.118.73.0/24 ip4:89.207.144.27 ip4:62.178.103.85 -all"
SPF "v=spf1 ip4:91.118.73.0/24 ip4:89.207.144.27 ip4:62.178.103.85 -all"
$ORIGIN rhsoft.net.
$TTL 0 ; 0 seconds
autoconfig CNAME autoconfig.thelounge.net.
autodiscover CNAME autodiscover-non-tls.thelounge.net.
Am 05.06.2014 17:02, schrieb Reindl Harald:
> uhm - look at the bottom - *they have* a zero TTL after named-compilezone
>
> Am 05.06.2014 16:48, schrieb Reindl Harald:
>> Hi
>>
>> how is that below possible?
>>
>> * ns2.thelounge.net = Master
>> * ns1.thelounge.net = Slave
>> * both are using the same packages (VMwware clones)
>> * i removed the zone file on the slave and restarted named
>> * the zone was transferred for sure again with that new "binary format"
>> * that affactes *any* zone on that both servers
>>
>> how can the slave give a different answer
>>
>> [root at ns1:~]$ rpm -qa | grep bind
>> bind-license-9.9.3-15.P2.fc19.noarch
>> bind-9.9.3-15.P2.fc19.x86_64
>> bind-utils-9.9.3-15.P2.fc19.x86_64
>> bind-chroot-9.9.3-15.P2.fc19.x86_64
>> bind-libs-9.9.3-15.P2.fc19.x86_64
>> bind-libs-lite-9.9.3-15.P2.fc19.x86_64
>> __________________________________________________________________________________
>>
>> [harry at srv-rhsoft:~]$ dig www.rhsoft.net @ns1.thelounge.net
>> ; <<>> DiG 9.9.4-P2-RedHat-9.9.4-12.P2.fc20 <<>> www.rhsoft.net @ns1.thelounge.net
>> ;; global options: +cmd
>> ;; Got answer:
>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54655
>> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
>>
>> ;; OPT PSEUDOSECTION:
>> ; EDNS: version: 0, flags:; udp: 3072
>> ;; QUESTION SECTION:
>> ;www.rhsoft.net. IN A
>>
>> ;; ANSWER SECTION:
>> www.rhsoft.net. 0 IN CNAME proxy.thelounge.net.
>> proxy.thelounge.net. 86400 IN A 91.118.73.4
>>
>> ;; Query time: 19 msec
>> ;; SERVER: 85.124.176.242#53(85.124.176.242)
>> ;; WHEN: Do Jun 05 16:43:38 CEST 2014
>> ;; MSG SIZE rcvd: 89
>> __________________________________________________________________________________
>>
>> [harry at srv-rhsoft:~]$ dig www.rhsoft.net @ns2.thelounge.net
>> ; <<>> DiG 9.9.4-P2-RedHat-9.9.4-12.P2.fc20 <<>> www.rhsoft.net @ns2.thelounge.net
>> ;; global options: +cmd
>> ;; Got answer:
>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2758
>> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
>>
>> ;; OPT PSEUDOSECTION:
>> ; EDNS: version: 0, flags:; udp: 3072
>> ;; QUESTION SECTION:
>> ;www.rhsoft.net. IN A
>>
>> ;; ANSWER SECTION:
>> www.rhsoft.net. 86400 IN CNAME proxy.thelounge.net.
>> proxy.thelounge.net. 86400 IN A 91.118.73.4
>>
>> ;; Query time: 12 msec
>> ;; SERVER: 91.118.73.16#53(91.118.73.16)
>> ;; WHEN: Do Jun 05 16:43:41 CEST 2014
>> ;; MSG SIZE rcvd: 89
>
> [root at ns1:~]$ named-compilezone -f raw -F text -o /var/named/chroot/var/named/slaves/rhsoft.net.dns rhsoft.net
> /var/named/chroot/var/named/slaves/rhsoft.net.dns
> zone rhsoft.net/IN: loaded serial 1226095186
> dump zone to /var/named/chroot/var/named/slaves/rhsoft.net.dns...done
> OK
> [root at asterisk:~]$ cat /var/named/chroot/var/named/slaves/rhsoft.net.dns
> rhsoft.net. 86400 IN SOA ns2.thelounge.net. hostmaster.thelounge.net.
> 1226095186 3600 1800 1814400 3600
> rhsoft.net. 86400 IN NS ns2.thelounge.net.
> rhsoft.net. 86400 IN NS ns1.thelounge.net.
> rhsoft.net. 86400 IN A 91.118.73.4
> rhsoft.net. 86400 IN MX 10 barracuda.thelounge.net.
> rhsoft.net. 86400 IN TXT "v=spf1 ip4:91.118.73.0/24 ip4:89.207.144.27
> ip4:62.178.103.85 -all"
> rhsoft.net. 86400 IN SPF "v=spf1 ip4:91.118.73.0/24 ip4:89.207.144.27
> ip4:62.178.103.85 -all"
> www.rhsoft.net. 0 IN CNAME proxy.thelounge.net.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20140605/161315e8/attachment.bin>
More information about the bind-users
mailing list