odd behavior in bind-8.2.2_P3 (fwd) - "illegitimate COM server" - more
LaMont Jones
lamont at security.hp.com
Wed Sep 6 14:52:14 UTC 2000
> 8.2.2-P5 caches the response, overwriting the cached servers already
> there. Interestingly, 8.2.2-P3 logs the following:
> Sep 6 08:02:20 zz named[5365]: bad referral (com !< EROSROUGE.com)
> So this would seem to have become broken between 8.2.2-P3 and 8.2.2-P5.
Boy is my face red. In all of my test cases, the "broken" nameserver
was configured to forward-first...
The forwarder logs the bad referral, and passes the answer back with
the bad authority section in tact. The requestor then updates the
cache, trashing his understanding of com.'s nameservers. The good
news for my configs is that since I'm forward first, I never query
the .com servers directly, but only through the forwarder, so
everything works _except_ for ns queries against com.
Which really just changes the defect to be that when sending a received
reply to a query, it should be after we prune the crap from it, and
when receiving a reply from a forwarder, we should still prune crap
from it.
lamont
More information about the bind-workers
mailing list