Keep getting invalid Non-authoritative answer.

Jim Reid jim at rfc1035.com
Thu Jun 29 22:06:33 UTC 2000


>>>>> "Carle" == Carle Brisson <carle at vianet.on.ca> writes:

    Carle> Interesting situation. We control the following domain and
    Carle> are providing proper DNS records for www.fseso.org
    Carle> (209.91.152.39). Most external servers are reporting a bell
    Carle> IP address when querying for the above.

The nameservers that are giving the "wrong" answer have cached that
www.fseso.org is at 209.226.7.135. They must have looked it up before
you changed it to 209.91.152.39. They will cache those answers for 2
days because it looks like the old resource record had a 2 day TTL.
Unless you can persuade the administrators of those name servers to
restart them (unlikely), you'll just have to wait for those stale
entries to expire in a day or so.

Interestingly, you now have set the TTL for all the resource records
in the fseso.rog zone to 0. This is probably a mistake and may well
confuse some name servers. A TTL of zero isn't going to get rid of the
stale answers that other name servers have already cached. Put the TTL
back to something sensible: a few hours at least. Choose a time to
live that reflects how long you want name servers to remember that
data. A day is probably reasonable. Then the next time you move the
web server, drop the TTL for www.fseso.org to 5 minutes (say) one day
before you renumber it. That way name servers should only cache the
old, stale data for a few minutes in the day before the move.

BTW, use dig rather than nslookup for interrogating name servers. As
has been said zillions of times on this list, nslookup is an awful
tool.



More information about the bind-users mailing list