Internal and external zone with same name
Barry Margolin
barmar at genuity.net
Mon May 6 14:51:44 UTC 2002
In article <aav54p$1t8r$1 at isrv4.isc.org>, <Mark_Andrews at isc.org> wrote:
>> This delegation isn't *strictly* correct, since the external server doesn't
>> have an SOA for www.abc.com. But in this case I don't think it should
>> cause a problem.
>
> The external server would also need to delegate www.abc.com to
> it's own zone or the lame server logic will kick in (it doesn't
> kick in for forwarded queries where we expect the NS RRsets
> not to be at the expected level).
Since the external server responds authoritatively, it's not lame. If the
internal server checks the NS records in the Authority Section, it sounds
more like the cache poisoning logic. Since the NS records conflict with
its own authoritative records, they would never take effect. Would the
internal server reject the response because it seems to be trying to poison
the cache as well?
--
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
More information about the bind-users
mailing list