Problem with caching domain
Kevin Darcy
kcd at chrysler.com
Thu Aug 6 19:37:11 UTC 2009
Yes, ns1.geap.com.br and ns2.geap.com.br are both CNAMEs. Pointing NS
records at CNAMEs is not only illegal, but causes real problems, as you
can see.
- Kevin
Breno Silveira Soares wrote:
> Hi list,
>
> I'm using bind 9.6.1.
> I have problem with resolving an external name www.geap.com.br.
> The first time quering the server, it's work. But when the TTL of www
> record expires, the server returns SERVFAIL.
> And when I execute "rndc flush" it's work as the first time.
>
> The dump cache of my server shows:
>
> ; ns2.geap.com.br [v4 TTL 98] [v6 TTL 98] [v4 failure] [v6 failure]
> ; ns1.geap.com.br [v4 TTL 98] [v6 TTL 98] [v4 failure] [v6 failure]
> ; glue
> 75.88.201.in-addr.arpa. 389 NS ns1.geap.com.br.
> 389 NS ns2.geap.com.br.
> ; glue
> geap.com.br. 81544 NS ns1.geap.com.br.
> 81544 NS ns2.geap.com.br.
> ; glue
> ns1.geap.com.br. 81544 A 201.88.75.3
> ; glue
> ns2.geap.com.br. 81544 A 201.88.75.7
> -----------------------
>
> The NS of domain uses CNAME:
>
> ns1.geap.com.br. 3600 IN CNAME srvneonio.geap.com.br.
> srvneonio.geap.com.br. 3600 IN A 201.88.75.3
> ns2.geap.com.br. 3600 IN CNAME srvcriptonio.geap.com.br.
> srvcriptonio.geap.com.br. 3600 IN A 201.88.75.7
>
> ----------------------
> $ dig @centauro www.geap.com.br
>
> ; <<>> DiG 9.2.4 <<>> @centauro www.geap.com.br
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 1213
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;www.geap.com.br. IN A
>
> ;; Query time: 1 msec
> ;; SERVER: 161.148.1.17#53(centauro)
> ;; WHEN: Thu Aug 6 16:11:34 2009
> ;; MSG SIZE rcvd: 33
>
>
> It's something related with glue records or using NS with CNAME or [v4
> failure] in the cache ?
>
> Thanks.
>
> --
> Ats,
> Breno S. Soares
> Analista de Redes
> SERPRO/SUPRE/REBHE
> Tel: (31) 3311-6825
>
>
> "Esta mensagem do SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS (SERPRO), empresa pública federal regida pelo disposto na Lei Federal nº 5.615, é enviada exclusivamente a seu destinatário e pode conter informações confidenciais, protegidas por sigilo profissional. Sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, esclarecendo o equívoco."
>
> "This message from SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS (SERPRO) -- a government company established under Brazilian law (5.615/70) -- is directed exclusively to its addressee and may contain confidential data, protected under professional secrecy rules. Its unauthorized use is illegal and may subject the transgressor to the law's penalties. If you're not the addressee, please send it back, elucidating the failure."
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
More information about the bind-users
mailing list