Problem with a host Delagation
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Wed Dec 17 00:03:46 UTC 2003
> > > > Here is a dig debug (from the parent 192.135.189.20) but I have no
> > > > idea what this means or how to correct.
> > >
> > > I suggest that you choose another vendor. Your load balancer
> > > does not implement the base DNS specification (RFC 1034).
> > > The second answer below is wrong. The correct answer should
> > > be "aa=1 rcode=NOERROR ANSWER=0" (otherwise known as a
> > > NODATA response) and if the authority section is filled in
> > > then it should contain the NS records for the zone
> (www.pics.com).
> >
> > Sorry I made a error above.
> >
> > The authority section should contain the SOA record for the
> zone.
> >
> > > The second answer below causes named to mark the nameservers as
> > > lame hence the SERVFAIL.
>
> I have been arguing with them about the SOA record issue. Would this
> corrected information still cause the SERVFAIL message? Also is there
> another way I can tell bind to have the link controller respond to these
> requests.
The base problem is that the box is returning a referral to the
root servers and not a NODATA response. A referral is what is
returned by a nameserver that is not configured as a server
for a zone.
Whether the box returns a cachable NODATA (SOA) or not is a
secondary issue.
The box knows about EDNS (RFC 2671) which came out way after
AAAA records (RFC 1886) or even MX, SOA or NS records (RFC 1034).
1034: DOMAIN NAMES - CONCEPTS AND FACILITIES November 1987
1886: DNS Extensions to support IP version 6 December 1995
2671: Extension Mechanisms for DNS (EDNS0) August 1999
F5 is assuming that the only queries that their boxes will get
are for A records.
It isn't rocket science to get this correct. Authoritative servers
are easy compared to caching servers.
if (class != 1) {
rcode = notimp;
} else if (issubdomain(name, ourname)) {
rcode = nxdomain; aa = 1;
} else if (name != ourname) {
add_referral():
} else {
switch (type) {
case 1: add_A(); aa = 1; break;
case 2: add_NS(); aa = 1; break;
case 6: add_SOA(); aa = 1; break;
case 251: rcode = refused; break;
case 252: rcode = refused; break;
case 255: add_A(); add_NS(); add_SOA(); aa = 1; break;
default: rcode = noerror; aa = 1; break;
}
}
Mark
> Thanks
>
> Terry
>
>
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list