[External] : Re: NS query on bind9
Sonal Pahuja
sonal.s.pahuja at oracle.com
Wed Sep 15 07:40:12 UTC 2021
Hi Mark,
Thanks for the response. Now NS query is working fine!!
But I have one more query-
we have our application to resolve e164 domain queries i.e NS, NAPTR and CNAME queries only. If user give any other query type then application sends RCODE=4(NOT_IMPLEMENTED) in response.
But bind9 is rejecting our response and sends SERVFAIL.
Attached is the PCAP.
Please share your views again on this. Thanks in advance!
Regards,
Sonal
-----Original Message-----
From: Mark Andrews [mailto:marka at isc.org]
Sent: Wednesday, September 15, 2021 1:51 AM
To: Sonal Pahuja <sonal.s.pahuja at oracle.com>
Cc: bind-users at lists.isc.org
Subject: [External] : Re: NS query on bind9
Named is very picky about returned SOA records in negative responses. If it has followed/seen a delegation then the returned SOA record in the response needs to be at or below that point.
I suspect that named has a cached NS RRset between e164.arpa and 4.0.4.5.2.4.1.4.2.0.2.4.e164.arpa which is causing the returned response to be rejected.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 15sep_RCODE=4.pcap
Type: application/octet-stream
Size: 780 bytes
Desc: 15sep_RCODE=4.pcap
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20210915/c8c2a81a/attachment.obj>
More information about the bind-users
mailing list