BIND Workaround for Broken DNS
Matus UHLAR - fantomas
uhlar at fantomas.sk
Sat Jan 18 13:02:58 UTC 2020
On 17.01.20 22:03, Crist Clark wrote:
>We have a service vendor with broken DNS. It looks like a well known
>problem of F5 load balancers. For the name,
>
> efederation.wip.ceridian.com (you get redirected there from
>https://iam.ceridian.com)
>
>The DNS "servers" return an answer for a A request, but when you ask
>for any other record type, they send a name-does-not-exist status,
>"NXDOMAIN." Once our caching BIND servers get the NXDOMAIN response,
>the A record info doesn't matter anymore. They return NXDOMAIN for a A
>record query too.
>
>Yes, yes, I know the Right Answer is to get the vendor to fix their
>load balancer. But we get the "it works when we're at home," "it works
>with Google/Cloudflare DNS," "it works on my phone when I use mobile
>data," so our DNS server must be broken. We have to make it work while
>we convince the vendor to fix it.
knowing their DNS when they are at home and use mobile data, plus a few
requests to google DNS could change their "it works when..."
I don't know how google DNS works, some reported it not following standard
much.
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
(R)etry, (A)bort, (C)ancer
More information about the bind-users
mailing list