odd behavior in bind-8.2.2_P3 (fwd) - "illegitimate COM server" - more
LaMont Jones
lamont at security.hp.com
Fri Sep 8 00:38:12 UTC 2000
> Define "very old name servers". Unfortunately, bind-8.2.2_P3 is the
> latest from some vendors. The one I keep running into this problem on
> uses 1 forwarder. That was also running bind-8.2.2_P3, but was upgraded
> to bind-8.2.2_P5 to see if that would help. It didn't. If I turn off
> forwarding, this ceases to be a problem, even on the 8.2.2_P3 systems.
In the absence of forwarders, anything from _at_least_ 8.1 will not have
the problem of caching the bad referral.
In the presence of forwarding, the bad referral will overwrite the
correct answers, but (as long as you're not giving out auth answers to
some other NS), you'll never actually query the com servers(*) (you
query the forwarder), so it's not really as bad as it sounds.
(*) If you forward-first, and the forwarder is down, then you do have a
problem.
Mark Andrews posted a patch that should make everything go through the
cache, (although I must admit that I'm not entirely sure that's what we
want, or that I understand it...). That would still need to go on the
forwarder, not the forwardee, if I understand it as well as I think I
do...)
lamont
More information about the bind-workers
mailing list