IP addresses in NS records seem to be breaking hostname resolution
Simon Waters
Simon at wretched.demon.co.uk
Thu Jul 18 17:11:38 UTC 2002
Chris Davis wrote:
>
> "A failure at the TLD to resolve a hostname can be temporary."
>
> But isn't it unlikely enough that all the TLD servers would fail to resolve
> an entire set of NS RDATA that a Bind configuration option to [dump the set
> of NS RDATA that cannot be "first step" resolved by the set of entire TLD
> servers] would be a sensible option for a resolver?
If you get NXDOMAIN for all NS records for a domain it is
probably safe to throw them away... but wait then I requery them
and waste resource on a broken zone, and wow they are still
broken so I throw them away again.
Far safer to assume they are valid for the time the
administrator said they were and hope an admin adds the zones
back in the mean time. You can spend too much time trying to
code around common errors - sometimes it is better just to
break, and people will then fix their zone.
'Fail to resolve' is another question.
Probably the best fix, if we must have one, is to make the
nameserver cough up a warning when loading MX, NS and SVR
records (and similar) if it spots something that looks like an
IP address where it expects a domain name.
No one has yet suggested in this thread a patch for BIND that
returns the query as an answer if it is queried for something
that is obviously an IP address ;)
Simon
More information about the bind-users
mailing list