Sender domain must exist

Mark_Andrews at iengines.com Mark_Andrews at iengines.com
Mon Nov 29 22:14:06 UTC 1999 

	The zones in question have been mis-managed as the parent
	zone has not been informed of the changes.  This has always
	be a requirement.  It is even more so these days as we try to
	get rid of bogus data.

	What you are asking for is for the server to discard more
	trusted data in favour of less trusted data to get around a
	mis-management problem.  When zones start to be signed it will
	be the equivalent of discarding signed data for unsigned data.

	The latter will not occur.

	The contacts for these zones have been Cc'd.

	Mark

> a lot of dns setups are broken nowadays.  onelist.com has been acting up
> lately.  intel.com also breaks frequently.  there is some situation where
> bind will end up with ns records for a domain, but no matching a records
> for those ns records, so it can't do any resolving for that domain until
> the ns records timeout.  i've been thinking of trying to hack into the
> code and recognize that case and trash the ns records and ask the root
> servers again.  it always seems to be caused by a mismatch between what
> the root servers have and what the supposed authoritative servers return,
> but i haven't figured out the exact mechanism that causes it to lose the a
> records, but not the ns records.
> 
> see, here is intel.com being broken:
> ; <<>> DiG 8.2 <<>> ns intel.com 
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
> ;; QUERY SECTION:
> ;;      intel.com, type = NS, class = IN
> 
> ;; ANSWER SECTION:
> intel.com.              3h6m56s IN NS   cps.ns.intel.com.
> intel.com.              3h6m56s IN NS   ns.intel.com.
> 
> ;; Total query time: 5 msec
> ;; FROM: q7.q7.com to SERVER: default -- 206.58.126.2
> ;; WHEN: Mon Nov 29 07:57:59 1999
> ;; MSG SIZE  sent: 27  rcvd: 62
> 
> and ucdavis.edu:
> ; <<>> DiG 8.2 <<>> ns ucdavis.edu 
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
> ;; QUERY SECTION:
> ;;      ucdavis.edu, type = NS, class = IN
> 
> ;; ANSWER SECTION:
> ucdavis.edu.            8h35m18s IN NS  teddy.ucdavis.edu.
> ucdavis.edu.            8h35m18s IN NS  tyler.ucdavis.edu.
> 
> ;; Total query time: 4 msec
> ;; FROM: q7.q7.com to SERVER: default -- 206.58.126.2
> ;; WHEN: Mon Nov 29 07:58:35 1999
> ;; MSG SIZE  sent: 29  rcvd: 69
> 
> 
> 
> 
--
Mark Andrews, Internet Engines Inc. / Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at iengines.com

More information about the bind-users mailing list