extranet.aro.army.mil - not resolving
Tony Finch
dot at dotat.at
Fri Jun 1 11:07:50 UTC 2018
Con Wieland <cwieland at uci.edu> wrote:
> I have a nameserver that can not resolve extranet.aro.army.mil.
The end of the CNAME chain is e1008.d.akamaiedge.akamai.csd.disa.mil. The
authoritative servers for this name really like to drop queries if they
don't like the qtype. This is very bad, because it makes it easy to upset
resolvers.
My server can usually resolve this name OK, but I can kick it into
SERVFAIL mode with:
d=e1008.d.akamaiedge.akamai.csd.disa.mil.;
while [ -n "$d" ];
do dig $d in ns $d in ds $d in dnskey;
d=$(echo $d | sed 's/^[^.]*[.]//');
done
serve-stale helps my resolver recover from being kicked like this.
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
Irish Sea: Variable 3 or 4. Smooth or slight. Thundery showers, fog patches.
Moderate or good, occasionally very poor.
More information about the bind-users
mailing list