Secondary DNS question...
Lawrence K. Chen, P.Eng.
lkchen at ksu.edu
Wed Jun 26 19:31:18 UTC 2013
Oops, images were too big....here's links.
----- Original Message -----
> >> All very interesting, but I'm afraid at my level of expertise on
> >> DNS, I'm
> >> not following. If I'm broken, how do I attempt to fix? Someone
> >> mentioned
> >> that our ns1.starionhost.net was not authoritative. How does one
> >> even
> >> decide that? As far as I know I haven't had any issues until
> >> now...
> >On Jun 26, 2013, at 12:38 AM, Frank Bulk <frnkblk at iname.com> wrote:
> >> Do you have a box such as a firewall or load-balancer sitting in
> >> front of
> >> ns1?
> On 26.06.13 01:46, SH Development wrote:
> >No, the box is hanging right off the internet on a static IP.
> there's apparently something wrong about your server or its firewall.
> DNS responses (at least for the SOA) come out broken (at least they
> invalid here), however I have no idea in which way they are broken.
> Maybe someone with better DNS knowledge could look at output I have
> before. Available at
> https://lists.isc.org/pipermail/bind-users/2013-June/090970.html or
> format at http://test.fantomas.sk/126.96.36.199.dns.pcap
I had poked around with some of the online DNS checking tools, and found one (dnsvis.net) that reported a response from ns1.starionhost.net, but apparently I never hit send and I cleaned out my drafts folder this morning.
Below is what I saw for responses....though not sure if its right or wrong for an authoritative nameserver to have 0 authority records in the response.
Since I also linked the result for my own domain....which shows ns-1.ksu.edu and ns-3.ksu.edu are also doing that (which I attribute to having minimal-responses set.)
Might require deeper analysis.... I recall a problem with a delegated subdomain where the NS we were pointed at were answering but non-authoratively. (which I suppose I could kluge them in as a forward zone, as I'm doing for another groups AD....though there is now talk of whether that AD should have me be secondaries to them, which I suppose I should find out what's involved in that.)
> Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> I'm not interested in your website anymore.
> If you need cookies, bake them yourself.
More information about the bind-users