Is there any specific reason, why don't you use nsupdate to manage updated dynamic zone within bind9? What are requirements of your application? Why don't you include just NS, NAPTR and CNAME in existing zone, where only top level SOA and NS records would be static?
Is speed of changes critical? How many records might your application serve? Is it required to analyze incoming queries? If you return Not implemented error to A query, what else should BIND9 forward? A record is just the basic record type defined by the very first RFC. It did not receive positive nor negative response to it. Please stop guessing what would make it work. Whatever you would create this way would be broken. You would have to fix bugs in it for years. Please accept tips from people working on DNS for years and use something they already spent a lot of time on. Please avoid developing any new project on RHEL/CentOS 6 too. It is quite old, I do not think any new deployment with a new application should start on it. Even RHEL 7 already receives critical updates only. Regards, Petr On 9/15/21 9:40 AM, Sonal Pahuja wrote: > Hi Mark, > > Thanks for the response. Now NS query is working fine!! > > But I have one more query- > > we have our application to resolve e164 domain queries i.e NS, NAPTR and > CNAME queries only. If user give any other query type then application sends > RCODE=4(NOT_IMPLEMENTED) in response. > But bind9 is rejecting our response and sends SERVFAIL. > > Attached is the PCAP. > > Please share your views again on this. Thanks in advance! > > Regards, > Sonal > > > > -----Original Message----- > From: Mark Andrews [mailto:ma...@isc.org] > Sent: Wednesday, September 15, 2021 1:51 AM > To: Sonal Pahuja <sonal.s.pah...@oracle.com> > Cc: bind-users@lists.isc.org > Subject: [External] : Re: NS query on bind9 > > Named is very picky about returned SOA records in negative responses. If it > has followed/seen a delegation then the returned SOA record in the response > needs to be at or below that point. > > I suspect that named has a cached NS RRset between e164.arpa and > 4.0.4.5.2.4.1.4.2.0.2.4.e164.arpa which is causing the returned response to > be rejected. > > Mark > > > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > ISC funds the development of this software with paid support subscriptions. > Contact us at https://www.isc.org/contact/ for more information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Petr Menšík Software Engineer Red Hat, http://www.redhat.com/ email: pemen...@redhat.com PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
