graphics4.nytimes.com and BIND 8.3.1?

Mark_Andrews at isc.org Mark_Andrews at isc.org
Sun Feb 17 22:41:41 UTC 2002 

> 
> J Mike Rollins <rollins at wfu.edu> wrote:
> 
> 
> > I recently upgraded from BIND 8.2.5 to 8.3.1 and began to receive
> > complaints from our users regarding the nytimes.com site.
> 
> It's quite possible that bind 8.3.1 opposes illegal names in that zone,
> and since the admins at nytimes.com have misunderstood the usage of 
> negative caching, caching nytimes.com is for all practical purposes disabled.
> 
> graphics4.nytimes.com is aliased to a name "wa1g1.services.icdsatt.net."
> which seems broken , it's delegated to a number of nameservers, but 
> those nameservers don't return meaningful records :
> > dig wa1g1.services.icdsatt.net. soa @stlmo001il4.gslb.icdsatt.net.
> ;; Got bad packet: unexpected end of input
> 86 bytes
> 07 2e 85 80 00 01 00 01 00 00 00 00 05 77 61 31
> 67 31 08 73 65 72 76 69 63 65 73 07 69 63 64 73
> 61 74 74 03 6e 65 74 00 00 06 00 01 05 77 61 31
> 67 31 08 73 65 72 76 69 63 65 73 07 69 63 64 73
> 61 74 74 03 6e 65 74 00 00 06 00 01 00 00 00 78
> 00 04 0c 78 09 0b

	The rdata here is the A record that would be returned if you
	had asked for a A record.

	The problem here is that the load balancer isn't RFC 103[45]
	compliant.  It doesn't respond at all to EDNS queries.  It
	doesn't respond to SOA queries correctly.
 
	Mark

> > Name lookups for graphics4.nytimes.com would timeout with 8.3.1 but would
> > return quickly with 8.2.5.
> 
> > I downgraded our site to 8.2.5.  Our users are able to resolve
> > graphics4.nytimes.com, but I would still like to know what the issue is.
> 
> > I have found that on a test machine, an nslookup graphics4.nytimes.com
> > will return in about 30 seconds under BIND 8.3.1, but under 8.2.5 it will
> > return immediately.  However, one real oddity is that the answer is always
> > non-authoritative under both 8.3.1 and 8.2.5.
> 
> > Anybody have any similar experience with 8.3.1?
> 
> > (O' yea, I had problems with www.etrade.com too.
> > The "query-source address * port 53" thing)
> 
> > Mike
> 
> >       UNIX Systems Administrator at Wake Forest University.
> > ======================================================================
> >           J. Mike Rollins              rollins at wfu.edu
> >      Wake Forest University     http://www.wfu.edu/~rollins
> >         Winston-Salem, NC            work: (336) 758-1938
> > ======================================================================
> 
> 
> 
> 
> -- 
> Peter Håkanson         
>         IPSec  Sverige      (At the Riverside of Gothenburg, home of Volvo)
>            Sorry about my e-mail address, but i'm trying to keep spam out.
> 	   Remove "icke-reklam" and it works.
> 
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org

More information about the bind-users mailing list