http://marc.info/?l=bind-users&m=122239920822324&w=2 http://marc.info/?l=bind-users&m=122243068905656&w=2
We upgraded to 9.5.0-P1 when the Kaminsky DNS vulnerability was announced and have had intermittent issues with SERVFAIL problems for some DSL modems that don't properly fail over to a secondary DNS server. A packet capture showed that certain domains would result in a SERVFAIL, and once that domain was identified, if we did a dig against it we had the same result. We've had to stop and start the named service about half a dozen times this fall to resolve the issue. We upgraded to 9.5.0-P2 in early November, hoping that this issue would be resolved. But today we experienced the problem again. A customer couldn't query a site, although everything seemed correct. I captured all their traffic and the trace showed that the DNS server was issuing a SERVFAIL. I stopped and then started named and immediately all was well. Since we sometimes reload named when adding/modifying domains, or at other times use rndc, I'm not sure if that "cleared" things up such that this is the first time I recall having this problem in 2 months. Is this intermittent SERVFAIL issue resolved in 9.5.1-P1? Frank _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
