Issue: Name huawei.com (SOA) not subdomain of zone cloud.huawei.com -- invalid response
Jesus Cea
jcea at jcea.es
Fri Jun 2 14:13:22 UTC 2023
On 2/6/23 7:59, Nick Tait via bind-users wrote:
> On 2/06/23 15:02, Jesus Cea wrote:
>> What I get from your reply is that BIND is not expected to do anything
>> about this. It is a bit disappointed but I agree that BIND is doing
>> the right thing. Too bad big players don't care. But I need to "solve"
>> this, so dropping BIND (nooo!) or patching software is on my table now.
>
> Don't know if it will work, but something to try could be to create a
> forwarding zone for each of the zones that is having this problem, and
> forward the queries to (e.g.) Google? In theory that would cause BIND to
> ask Google for the answer instead of working it out for itself?
It doesn't work, because Google (8.8.8.8) is giving back exactly what
huawei provides (a NODATA reply, with an invalid SOA in the
authoritative section) and BIND "verifying" resolver detects the problem
and reply to the DNS client with a (correct but inconvenient) SERVFAIL.
--
Jesús Cea Avión _/_/ _/_/_/ _/_/_/
jcea at jcea.es - https://www.jcea.es/ _/_/ _/_/ _/_/ _/_/ _/_/
Twitter: @jcea _/_/ _/_/ _/_/_/_/_/
jabber / xmpp:jcea at jabber.org _/_/ _/_/ _/_/ _/_/ _/_/
"Things are not so easy" _/_/ _/_/ _/_/ _/_/ _/_/ _/_/
"My name is Dump, Core Dump" _/_/_/ _/_/_/ _/_/ _/_/
"El amor es poner tu felicidad en la felicidad de otro" - Leibniz
More information about the bind-users
mailing list