[bind10-dev] using our resolver for real work (and NSAS failures)
Jeremy C. Reed
jreed at isc.org
Fri Jun 8 17:20:42 UTC 2012
The old git server used our resolver for over a year. I have been using
it as a forwarder for over a year. Over the past couple months, I
configured most of our build systems, the BIND 10 web server, and main
BIND 10 zone DNS server to only use our resolver. (The open resolvers
running on both n10 and git boxes.)
A few times I have noticed problems.
I noticed yesterday that sendmail had problems sending mail from the
Trac server to one of the bug submitters (not part of the team) due to
DNS lookup failures.
I opened a few tickets about some problems:
NSAS permanently cache unreachable namservers?
http://bind10.isc.org/ticket/2031
NSAS wrongly recording nameservers are unreachable
http://bind10.isc.org/ticket/2030
NSAS repeating same tasks near simultaneously
http://bind10.isc.org/ticket/2029
Before I opened the tickets, one of our developers via jabber said:
``I'm afraid we won't have time to fix the current b10-resolver ...
except for very critical bug fixes like reproducible crash or security
bugs.'' He suggested we ``keep [a] record [of] these weird things so we
can do it right in our "real resolver" work later this year ...
[because] trying to fix these for the current implementation will be a
duplicate effort.''
I think my problems are related to my the old, now-closed (but not fixed
as far as I know), ticket 833:
[b10-resolver] Nameservers unreachable but really are
http://bind10.isc.org/ticket/833
The resolver has been in our tree for a couple years. Does anyone else
use it?
The BIND 10 systems are still using our resolver. I worked around one
problem by restarting b10-resolver.
More information about the bind10-dev
mailing list