Problems with bind9 caching too long

Mark Andrews Mark_Andrews at
Mon Mar 14 19:21:15 UTC 2005

> On Fri, Mar 11, 2005 at 07:37:56PM -0500, Kevin Darcy wrote:
> > No, that's not a BIND bug. You've left the old version of the zone 
> > running on and, and they'll keep on giving out 
> > the stale NS records in response to queries. Other caching nameservers 
> > such as which had the NS records cached from prior to the 
> > switchover will keep on using those nameservers to resolve 
> > names, and therefore keep seeing regurgitations of the stale NS records, 
> > and the cycle will repeat until those caching nameservers are restarted 
> > or those particular records in their caches expire or are purged out, or 
> > until the nameservers stop answering with stale NS records for 
> > the zone (i.e. the zone is removed from them or is replaced by a more 
> > up-to-date version).
> Also, every other DNS server I can find on the net has up-to-date information
> - it's only our USC servers that have the old info... which makes me very
>   suspicious that no server "should" legitimately pick this up until the old
> NS servers go away. As I said, the stale record in question here comes from
> the root servers (well, the .net servers), not

 	Phil, the record comes from the servers.  The reason most
	of the rest of the net doesn't have the old addresses is that:
	a) they are running a version of a nameserver that has been
	   detuned to handle this case of zone mismanagement.  Both
	   BIND 8 and BIND 9 have had to be detuned to handle this.
	b) they didn't have a query under for two days.

	Either of these would have cased the caches to flush the NS RRset.

	You obviously communicate a lot w/  This caused the
	cache to refresh the NS RRset using the authority section from everytime it received a answer from them
	for a zone query.


> -- 
> Phil Dibowitz
> Systems Architect and Administrator
> Enterprise Infrastructure / ISD / USC
> UCC 174 - 213-821-5427
> -- Attached file included as plaintext by Ecartis --
> Version: GnuPG v1.2.3 (GNU/Linux)
> /XLFso9lqJjhrsHDHNSFsb4=
> =sOiy
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at

More information about the bind-users mailing list