Caching-only Name server does Zone Updates

Ashish ashish.rao at
Tue Feb 3 05:31:37 UTC 2009

Hello All,

Thank you for your replies.

Our configuration file is fairly simple (I have changed the domain name for

cache           .                            /etc/dnscache  

We use BIND 4. Actually our DNS was doing lot of CPU utilization and when we
started it in Debug mode we found that there was a reverse lookup for some
IP address which was in the dnscache file. (dnscache is the root hint file)

This started zone updates, as we can observe in the debug file which calls
function db_update()

Here is the debug file content (I have modified the IP address for security
reasons. Here 21.x.x.x is one of the entries in dnscache file. I mean that
there was a network address starting with 21 in our dnscache file)

dgram from, 22222 (2222)
 req: nlookup( id 111 type=11
 req: found '' as '' (cname=0)
 findns: np 0x6b41e
 findns: 2 NS's added for '21'
 nslookup: NS c1 t2 (x0)
 nslookup: 1 ns addrs
 nslookup: NS c1 t2 (x0)
 nslookup: 2 ns addrs
 nslookup: 2 ns addrs total
 retrytime: nstime 0ms.
 schedretry(0x1dfd8, 4sec)

Dgram from 21.x.x.x
USER response nsid=xxxx id xxxx
Respose from upexpected source 21.x.x.x
Stime zzzzz/zzzzz now yyyyyy/yyyyyy rtt x
NS #2 addr 21.x.x.x used rtt y
NS #1 21.x.x.x rtt now z
Resp: ancount 0, aucount 1, arcount 0
Doupdate(zone 0, savens x, flags y)
Doupdate: dname type 6 class 1 ttl 600
Db_update(, 0x12345, 0x56789, 087, 0x76543)

This is strange, there was NSLOOKUP for some IP which caused zone
updates and we do not have any zone specified in our configuration file.

Kindly advice

-----Original Message-----
From: Niall O'Reilly [mailto:Niall.oReilly at] 
Sent: Monday, February 02, 2009 7:50 PM
To: Ashish
Cc: bind-users at; Niall.oReilly at
Subject: Re: Caching-only Name server does Zone Updates

On Mon, 2009-02-02 at 17:25 +0530, Ashish wrote:
> Our DNS is configured as Caching-only Name server.

	How do you know?

>  However, it's still
> performing Zone updates like a Slave Name Server.

	How many 'zone' sections are in your configuration?

	Why not post your configuration file to the list,
	so that we can see?


Please do not print this email unless it is absolutely necessary. 

The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. 

WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.

More information about the bind-users mailing list