NAMED try to solve domain from old authoritative server

Matus UHLAR - fantomas uhlar at fantomas.sk
Thu Apr 2 09:08:50 UTC 2015


On 02.04.15 11:52, Teerapatr Kittiratanachai wrote:
>Firstly, I have 2 nameservers. The first nameserver is the
>authoritative nameserver and does not allow recursion. The second one
>is the recursive nameserver, and also stores the same zone file as
>the first server.
>
>I have removed the zone file from the first server and reloaded the
>named process. It can work normally; I get the SERVFAIL response when
>I try to query it.

If the server is configured to read a zone file but cannot find the file, it
treats this as an error and returns SERVFAIL.

>And at the second server, after removing the zone from named.conf and
>`rndc reload`, it can also query from the new authoritative
>nameserver.

If you don't remove the zone file, but the zone definition, the zone is not
considered local, and recursion takes place.

>But after a few hours (the new TTL is 600), it goes back to querying
>my first server, which gives me the log below.

Some of the new authoritative files contain an NS record for the domain pointing
to your first server, so the recursive server asks your first server, which
returns SERVFAIL.

>I must do `rndc flushname domain.tld` to flush the cache.
>However, a few hours after I flush the cache, the problem occurs again.
>
>Has anyone ever faced this problem?

Such problems appear when people put incorrect NS records in zone files.
Note that not only must the parent zone have proper NS (glue) records for child
zones, but the child zones must have them too.

-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Warning: I do NOT wish to receive any advertising mail at this address.
"The box said 'Requires Windows 95 or better', so I bought a Macintosh".
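
As an added illustration (not part of the original post): a Python check for the condition this reply describes, comparing the NS set in the parent delegation with the NS set at the child zone apex and flagging any listed server that does not answer authoritatively. The record text, server names and probe results are constructed sample data; in practice they would come from `dig +norec NS domain.tld @<server>` against a parent server and each child server.

```python
# Constructed sample data in dig answer/authority-section style.
# Server names are placeholders, not taken from the thread.
PARENT_DELEGATION = """
domain.tld.  86400 IN NS ns-new1.example.
domain.tld.  86400 IN NS ns-new2.example.
"""
CHILD_APEX = """
domain.tld.  600 IN NS ns-new1.example.
domain.tld.  600 IN NS NS-NEW2.EXAMPLE.
domain.tld.  600 IN NS ns-old.example.   ; leftover record for the retired server
"""
# Constructed probe results: (rcode, AA flag) each server gave for the zone's SOA.
PROBES = {
    "ns-new1.example.": ("NOERROR", True),
    "ns-new2.example.": ("NOERROR", True),
    "ns-old.example.": ("SERVFAIL", False),
}

def norm(name):
    """Lower-case and add the trailing dot so names compare reliably."""
    name = name.strip().lower()
    return name if name.endswith(".") else name + "."

def ns_set(text, zone):
    """Collect NS targets owned by `zone` from 'owner ttl class NS target' lines."""
    found = set()
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop trailing comments
        if len(fields) >= 3 and fields[-2].upper() == "NS" and norm(fields[0]) == norm(zone):
            found.add(norm(fields[-1]))
    return found

def audit(zone, parent_text, child_text, probes):
    """Return (kind, nameserver) findings: child-only, parent-only, or lame."""
    parent, child = ns_set(parent_text, zone), ns_set(child_text, zone)
    findings = [("child-only", ns) for ns in sorted(child - parent)]
    findings += [("parent-only", ns) for ns in sorted(parent - child)]
    for ns in sorted(parent | child):
        rcode, aa = probes.get(ns, ("NO-ANSWER", False))
        if rcode != "NOERROR" or not aa:      # listed, but not serving the zone
            findings.append(("lame", ns))
    return findings

if __name__ == "__main__":
    for kind, ns in audit("domain.tld", PARENT_DELEGATION, CHILD_APEX, PROBES):
        print(f"{kind:12} {ns}")
```
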

