CNAME Records from Hell Just Wouldn't Go away.
Martin McCormick
martin at dc.cis.okstate.edu
Tue Sep 16 10:08:59 UTC 2003
Mark_Andrews at isc.org writes:
> You just needed to supply the zone to nsupdate. Nsupdate only
> attempt to lookup SOA of the name in the update request if
> you fail to supply the zone. Note: BIND 8's nsupdate does *not*
> support specifying the zone, you need to use nsupdate from BIND 9.
That is interesting. I tried that once before getting rough,
but maybe I didn't set it up right. I used a file to drive nsupdate
and that file looked like:
zone okstate.edu
update delete badalias.okstate.edu IN CNAME badsite.org
I got exactly the same output.
FreeBSD comes with bind8 so I did a double check to see if
that nsupdate was accidentally being used. It is gone from the system
as far as I can tell. The nsupdate I use is /usr/local/bin/nsupdate
and was installed from the FreeBSD port of bind9.2.2.
If I deliberately feed that nsupdate a garbage command, the
squawk is:
nsupdate: invalid argument -?
usage: nsupdate [-d] [-y keyname:secret | -k keyfile] [-v] [filename]
Is the format of the zone statement correct?
I deliberately created another orphan CNAME and I can
duplicate the same behavior as before.
I think this is about to become what some refer to as a
teachable moment.
Martin McCormick
More information about the bind-users
mailing list