"Immoral" MX records hosted by easydns.com

Barry Finkel b19141 at achilles.ctd.anl.gov
Tue Oct 30 13:29:22 UTC 2001


>Barry Margolin wrote:
>
>I have a script that goes through all the zones we do secondary DNS for and
>greps for common misconfigurations.  We catch MX/NS records that point to
>IP addresses, NS/PTR records in reverse domains where the admin forgot to
>put the "." at the end (I look for hostnames ending in .in-addr.arpa),
>expire times that are too short (Microsoft DNS has a nasty 1-day default
>expire time) and refresh times that are too long.  When a zone shows up in
>the report we notify the customer and nag them until they fix it.

While some might think that "Microsoft DNS has a nasty 1-day default
expire time", there is one benefit.  If the W2k DNS server is rebooted
and some zone serial numbers decrease, then 24 hours after the reboot
the slaves will expire the zones, and then the slaves will transfer
any version of the zone that the master has.  This is an auto-synch
after 24 hours.  I am sure that MS did not set the 24 hour expire time
for this purpose.  We are running BIND 8.2.5-REL; I assume the same
slave behavior is true of BIND 9.x.

Yes, we still have serial number decreases on our W2k DNS, even after
we installed the fix Q304653.  MS is investigating, and about ten days
ago the DNS engineer diagnosing the problem thought that he was close
to discovering the cause.  But I have not heard back from him since.

----------------------------------------------------------------------
Barry S. Finkel
Electronics and Computing Technologies Division
Argonne National Laboratory          Phone:    +1 (630) 252-7277
9700 South Cass Avenue               Facsimile:+1 (630) 252-9689
Building 221, Room B236              Internet: BSFinkel at anl.gov
Argonne, IL   60439-4844             IBMMAIL:  I1004994
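
The checks listed in the quoted message (MX/NS targets that are IP addresses, NS/PTR targets in reverse zones that lost their trailing dot, short expire, long refresh), sketched as an added example; this is not Barry Margolin's script and not part of either poster's message. It assumes zone data with one record per line in `owner [ttl] IN type rdata` form and SOA timers in plain seconds; `lint_zone`, `qualify`, both thresholds and the sample zones are constructed for illustration.

```python
import re

ARPA = ".in-addr.arpa."
IPV4 = re.compile(r"^\d{1,3}(\.\d{1,3}){3}\.?$")
MIN_EXPIRE = 7 * 86400  # assumed policy floor; the post only says 1 day is too short
MAX_REFRESH = 86400     # assumed policy ceiling; the post gives no figure

def qualify(name, origin):
    """Expand a name as a server does: without a trailing dot it is relative to the origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def lint_zone(text, origin):
    """Return (owner, type, problem) tuples for one zone given in one-record-per-line form."""
    findings, reverse = [], origin.lower().endswith(ARPA)
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()
        if "IN" not in fields[1:-2]:
            continue  # blank, comment, or not "owner [ttl] IN type rdata"
        i = fields.index("IN", 1)
        owner, rrtype, rdata = qualify(fields[0], origin), fields[i + 1].upper(), fields[i + 2:]
        target = rdata[1] if rrtype == "MX" and len(rdata) > 1 else rdata[0]
        if rrtype in ("MX", "NS") and IPV4.match(target):
            findings.append((owner, rrtype, "target is an IP address"))
        elif reverse and rrtype in ("NS", "PTR") and qualify(target, origin).lower().endswith(ARPA):
            findings.append((owner, rrtype, "target lacks trailing dot"))
        elif rrtype == "SOA" and len(rdata) >= 7:
            refresh, expire = int(rdata[3]), int(rdata[5])
            if expire < MIN_EXPIRE:
                findings.append((owner, "SOA", f"expire {expire}s too short"))
            if refresh > MAX_REFRESH:
                findings.append((owner, "SOA", f"refresh {refresh}s too long"))
    return findings

# Constructed sample zones (documentation names and addresses), not data from the thread.
FORWARD = """\
@    IN SOA ns1.example.com. hostmaster.example.com. 2001103001 172800 3600 86400 3600
@    IN MX  10 192.0.2.25
"""
REVERSE = """\
@    IN SOA ns1.example.com. hostmaster.example.com. 2001103001 10800 3600 604800 3600
@    IN NS  ns1.example.com.
25   IN PTR mail.example.com
26   IN PTR www.example.com.
"""

if __name__ == "__main__":
    for origin, text in (("example.com.", FORWARD), ("2.0.192.in-addr.arpa.", REVERSE)):
        print(origin, lint_zone(text, origin))
```

Qualifying the target before testing the suffix lets the same check work on a raw master file and on transferred zone data, where the dotless name already appears expanded under `in-addr.arpa`.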


