Re: error (broken trust chain) resolving

2010-11-24 Thread Brian J . Murrell 
Jeremy C. Reed  isc.org> writes: 
> 
> I was reading it all along, but could never reproduce.

Given the new information I have, I'll hazard to guess that you were trying to 
reproduce with something newer than 9.7.0-P2.

> I thought it was 
> a temporary issue.
> 
> I see your new bug report. Someone will follow up soon.

That can probably be closed out (I will follow-up on it as soon as I'm done
here) but I have taken a variance from my distro's prescribed BIND version of
9.7.0-P2 and built a 9.7.2-P2 and after about 12h of data collecting the
problem seems to be gone.

I am going to bug report with said distro also as I hate varying from the 
"working set" because it just causes possible future problems trying to bug 
report with them.  "you are not using the version we support, bla, bla, bla".

So in the end it seems that perhaps it was a bug/situation that was cleared up 
between 9.7.0-P2 and 9.7.2-P2.

Thanx to all that persevered through all of this.  I really should have just 
bitten the bullet and upgraded in the first place.

Cheers,
b.


___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Help with the subzone problem

2010-11-24 Thread Tech W. 
Hello,

I found a strange problem.

We have a zone in Bind, for example, abc.com
We designate a subzone of it to another dns server, for eaxmple, F5's 3DNS.

The corresponding RR in Bind is:

games.abc.com.  IN  NS  3600  ns1.example.com.
games.abc.com.  IN  NS  3600  ns2.example.com.

Bind's setup is OK.
Both ns1 and ns2.example.com are the domain names for 3DNS.

But F5's 3DNS can't setup the NS records for games.abc.com.
That means, when query to:

dig games.abc.com ns @ns1.example.com

get nothing.

So, under this case though most time the people's query is OK, but the windows 
DNS Server we noticed, doesn't behave well sometime.

If windows DNS (Cache Server) doesn't have games.abc.com 's NS records cached, 
any query to games.abc.com will get an empty response. For example, query to 
www.games.abc.com will get nothing if the peer is windows DNS server and at 
that time the server doesn't have games.abc.com's NS records in its cache.

So is this my problem or F5's problem or windows DNS server problem?

Thanks!

Kind regards,
Ken.


  
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users