Thanks to everyone for their help with this, and I didn't even start the
thread! I definitely hadn't considered the issue of external CNAMES or
their ramifications.
RCN's now returning SERVFAIL for us, which is still a bit weird (most
everyone answers with REFUSED for other people's domains), so I've
contacted them again. Hopefully the cease-and-desist won't be necessary.
John
On 06/19/2012 06:45 AM, Tony Finch wrote:
Mark Andrews<ma...@isc.org> wrote:
In message<4fdf631a.4060...@brandeis.edu>, John Miller writes:
We've actually run into this before. Once upon a time, RCN cable used
to run some slave servers for us, but we've long since moved away from
them, including zone transfers. We yanked them from our registrar a
long time ago, and life was good. For whatever reason, RCN's still
answering queries for brandeis.edu.
And if there is another zone with a CNAME to a brandeis.edu domain
on those servers the clients will be getting old data. As you have
no control over creation of CNAMEs in other zones I would suggest
that you send them a Cease and Decist notice if they are still doing
it.
Here's a tip for anyone running an open DNS hosting service: you can use
"additional-from-auth no; additional-from-cache no;" to reduce problems of
this kind.
Tony.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
