Forward type "only" no longer working (possibly a regression)?
Karol Babioch
karol at babioch.de
Mon Oct 1 19:10:34 UTC 2018
Hi Kevin,
thanks for your reply.
Am 01.10.18 um 20:46 schrieb Kevin Darcy:
> Removing "forward only" just masks the problem by telling the resolver algorithm to fail over to iterative resolution when it encounters the SERVFAIL.
You are probably right, but at least it chooses the correct nameserver /
interface to use for the iterative resolution. When I don't specify any
forwarders at all, it will resolve using the public nameserver, with the
forwarders specified it will use the internal nameserver. So it does
work (at least it returns the correct results).
> Why this behavior changed from BIND 9.10.x to 9.13.x eludes me. It's a
> clue to help you get to the root cause of the SERVFAIL, but only a clue.
> More diagnosis and testing is required.
Do you have any suggestion / recommendation what I can do to narrow the
problem down? I already tried to increase the tracing and enabled query
logging, but I couldn't get to the bottom of things. What else can I do
here?
Best regards,
Karol Babioch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20181001/28dd3655/attachment.bin>
More information about the bind-users
mailing list