-----Original Message----- From: Dave Sparro <dspa...@gmail.com> Date: Friday, October 3, 2014 at 1:04 PM To: "bind-users@lists.isc.org" <bind-users@lists.isc.org> Subject: Re: Diagnostic help part 2
>On 10/1/2014 3:45 PM, Tony Finch wrote: >> (Sorry for straying off topic. I have less experience of Cisco PIX/ASA >> breaking DNS than of them breaking SMTP.) >I can't resist either.. >I specifically remember a PIX that bit me by "helpfully" changing the >payload of an axfr so that the A records that traveled through the PIX's >NAT got flipped to the inside RFC-1918 addresses for the servers that >were behind the NAT as well. > >It took a couple rounds of "your sending me the wrong stuff... No I'm >Not!" until we figured it out. Yeah, I've had similar experiences on various platforms over the years... I know it's hard for smaller shops, but even when I was in startup land I built labs to validate design and behavior (the difference was the "labs" were often under my desk or in a closet). Finding unexpected behavior like this in production is always stressful. Ultimately, we have a responsibility as engineers/architects to conduct due diligence and not make assumptions. Testing and validation are key parts of our job. Anything made by people can have bugs or simply unexpected behavior. :-) _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
