2011/9/23 Kevin Darcy <k...@chrysler.com>:
NXDOMAIN is a *permanent* response; at least it's "permanent" in the absence
of any change the relevant DNS RRset or zone.
You're almost certainly getting the NXDOMAIN because you're spoofing the
root servers, and your "fake" root servers don't have the same knowledge as
the real ones, so they'll return NXDOMAIN for some queries (whereas dig
+trace does not, because it follows the hierarchy down and asks different
nameservers). In other words, you're shooting yourself in the foot with your
hints-file trickery.
On 23.09.11 08:49, Drunkard Zhang wrote:
No, I got 2 layers of DNS, recursive resolution DNS and dns-cache
which forward all it's queries to recursive DNS.
Why? Can't your "recursive resolution DNS" cache records?
I want the spoofing
of root servers happened on dns-cache (still not by now),
Why do you want to do the spoofing at all?
if you want to implement local TLD or any king of zone visible locally,
you can define it on recursive servers, or on different servers and
forward requests for that zone from caches to those different servers.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The only substitute for good manners is fast reflexes.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
