On Thu, Oct 31, 2002 at 02:03:31PM -0500, Jason A. Specland wrote: > The secondary DNS server, auth02.ns.uu.net, which is supposed to be > authoritative for tivoli.com, isn't. It's pointing people back at > a.root-servers.net and company. > > This is a lovely illustration of why you should make sure that the > nameserver you designate as your secondary, really IS your secondary.
And in addition to the that, there's something else wrong with tivoli.com (that can make tivoli.com unreachable to many clients): The .com servers refer to auth02.ns.uu.net and uugate.tivoli.com for tivoli.com. At the moment, uugate.tivoli.com isn't responding. This isn't that bad. What is much worse is that auth02.ns.uu.net *doesn't* provide an NS record for tivoli.com to uugate.tivoli.com. This will make tivoli.com unreachable to many clients. Solution: make sure the NS records provided by the child servers include the NS records provided by the parent servers. http://marc.theaimsgroup.com/?l=bugtraq&m=94770311013265&w=2 http://cr.yp.to/djbdns/notes.html (heading "Limited parents") -- Jurjen Oskam PGP Key available at http://www.stupendous.org/
