caching problems with bind 9.4.3

Fri Nov 20 21:08:06 UTC 2009

Gil Vidals wrote:
> Hello,
> I have a master and slave running bind 9.4.3,

You should upgrade to version 9.4.3-P3 which has fixes for some
security issues.

> and there is a problem
> with the outside world resolving new domains that I add to my name
> servers. Here is the sequence:
> 1) add new domain
> 2) dig shows matching SOA and correct zone info.

Are you updating and testing all of your name servers? You mention
"master and slave" in 5 below, so I assume you have at least 2.

> 3) wait two days
> 4) check a random name server such as openDNS and results are wrong -
> only about half of their name servers have the correct info.

As another poster mentioned, without specific examples it's really
hard to guide you further.

> 5) restart named on my master and slave
> 6) re-check openDNS and voila! everything is good.

This is actually quite odd, since in theory opendns would be caching
the wrong answers and restarting your servers would not immediately
cause that information to be updated. We definitely need more specific
information to help you further.



