Problems removing a domain

Matus UHLAR - fantomas uhlar at fantomas.sk
Tue Mar 5 15:32:06 UTC 2019 

>> On 05.03.19 14:41, Paul van der Vlis wrote:
>>> This was a long time ago. In the meantime I have rebooted the server.
>>>
>>> What I see, is that the resolving does not work from other locations.
>>>
>>> Only when I use my own nameserver the domain is resolved, and it gives
>>> an "Non-authoritative answer".
>>
>> both kinds of behaviour indicate that the domain is not configured on your
>> BIND server, but it was resolved using recursion
>>
>>> Any idea how to delete this?
>>
>> delete what? the domain does not exist now, but it's configured and
>> delegated. your BIND may have cached local copy, or you have forwarding set> to a server which does know the domain.
>
>No, I have never done that.
>
>> can you use "dig" instead of "host" to see what does your BIND know?
>>
>> dig any extensus.nl.

On 05.03.19 16:20, Paul van der Vlis wrote:
>root at ns1:/etc/bind/domeinen# dig any @localhost extensus.nl
>
>; <<>> DiG 9.10.3-P4-Debian <<>> any @localhost extensus.nl
>; (2 servers found)
>;; global options: +cmd
>;; Got answer:
>;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 57790
                                        ^^^^^^^^
SERVFAIL here.

>;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
>
>;; OPT PSEUDOSECTION:
>; EDNS: version: 0, flags:; udp: 4096
>;; QUESTION SECTION:
>;extensus.nl.			IN	ANY
>
>;; Query time: 53 msec
>;; SERVER: ::1#53(::1)
>;; WHEN: Tue Mar 05 16:12:54 CET 2019
>;; MSG SIZE  rcvd: 40
>
>root at ns1:/etc/bind/domeinen#
>---------

this is the proper and expected response, since the extensus.nl domain is
delegated to servers that don't know about it. 

>But... I think I found it:
>----------
>root at ns1:/etc/bind/domeinen# rndc flushtree extensus.nl
>root at ns1:/usr/local/sbin# nslookup extensus.nl localhost
>;; Got SERVFAIL reply from ::1, trying next server
>Server:		localhost
>Address:	127.0.0.1#53
>
>** server can't find extensus.nl: SERVFAIL
>
>root at ns1:/usr/local/sbin#
>----------

this is in fact the same result, using the obsolete "nslookup" command
see the SERVFAIL in dig output above.

-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The only substitute for good manners is fast reflexes.

More information about the bind-users mailing list