RE: [DNS] BIND Delegation Only

RE: [DNS] BIND Delegation Only

From: Sean Finn <sean.finn§ozservers.com.au>
Date: Thu, 20 Nov 2003 16:26:38 +1000
We had a similar problem recently, whereas some lookups would work, and some
just plain wouldn't.

It was due to the primary DNS server zone files being updated, but the
SERIAL value in the zone file WASNT being updated.

The slave DNS server therefore kept out of date / borked information.

Slave servers look at the SERIAL value to determine if they should update or
not.

Anyway, just sharing my experiences. This one had me ripping hair out for a
day or so.

www.checkdns.net helped us to identify the problem

Best Regards
Sean Finn
www.ozservers.com.au

-----Original Message-----
From: Anand Kumria [mailto:wildfire&#167;progsoc.uts.edu.au]
Sent: Thursday, November 20, 2003 2:45 PM
To: dns&#167;lists.auda.org.au
Subject: Re: [DNS] BIND Delegation Only


Hi Alwyn,

I'm coming a bit late here and it would seem you've since resolved your
problem. However I'm not sure I understand what the original problem
was, could you elaborate futher?

On Wed, Nov 12, 2003 at 04:55:55PM +1000, Alwyn Smith wrote:
> This one had me going for a while because the problem was further up the
dns
> chain than I was looking.  Hopefully this info may help someone else with
> "inexplicable" dns failures on .au domains.
>
> afgonline.com.au would not resolve:
>
> afgonline.com.au.       2554    IN      NS      ns1.rescuegroup.com.au.
> afgonline.com.au.       2554    IN      NS      ns2.rescuegroup.com.au.

so, dig ns1.recusgroup.com.au and dig ns1.recusgroup.com.au would both
fail?

>
> ns1.rescuegroup.com.au. 2554    IN      A       203.103.84.232
> ns2.rescuegroup.com.au. 2554    IN      A       210.11.148.5

Were these glue records for ausregistry.net or were they listed as NS in
the zone file?

>
> rescuegroup.com.au.     2477    IN      NS      ns1.rescuegroup.com.
> rescuegroup.com.au.     2477    IN      NS      ns2.rescuegroup.com.

Same question as above.

>
> If you operate bind in "delegation only" mode then lookups of .au domains
> with name servers _ultimately_ in "delegation only" domains will fail.

So this is a client problem (i.e. the admin of a zone has setup
delegation only) and there isn't much that a third party zone operator
can do about things?

Not sure I fully understand, and insight would be appreciated.

Regards,
Anand

--
 `` We are shaped by our thoughts, we become what we think.
 When the mind is pure, joy follows like a shadow that never
 leaves. '' -- Buddha, The Dhammapada

---------------------------------------------------------------------------
List policy, unsubscribing and archives => http://dotau.org/
Please do not retransmit articles on this list without permission of the
author, further information at the above URL.
Received on Fri Oct 03 2003 - 00:00:00 UTC

This archive was generated by hypermail 2.3.0 : Sat Sep 09 2017 - 22:00:07 UTC