ignoring incorrect nameservers in authority section

Hi, Some authoritative nameservers add incorrect nameservers in the authority section of their replies. Due to caching of the incorrect reply, further queries for that domain go to those incorrect nameservers. Is there a way to ignore / not cache such replies? For example, if ns1.realserver.com g

Re: ignoring incorrect nameservers in authority section

On 22.12.10 14:01, Sunil Shetye wrote: > Some authoritative nameservers add incorrect nameservers in the > authority section of their replies. Which authority and which domain? Most of authorities add nameservers domain was registered on. > Due to caching of the incorrect > reply, further querie

Re: ignoring incorrect nameservers in authority section

Quoting from Matus UHLAR - fantomas's mail on Wed, Dec 22, 2010: > > Is there any solution to this problem without contacting the DNS > > administrator of that domain? I have seen this problem for many > > domains on the internet. > > Well, first find which is the real problem - domain delegated t

Re: ignoring incorrect nameservers in authority section

> Quoting from Matus UHLAR - fantomas's mail on Wed, Dec 22, 2010: > > > Is there any solution to this problem without contacting the DNS > > > administrator of that domain? I have seen this problem for many > > > domains on the internet. > > > > Well, first find which is the real problem - domain

Re: ignoring incorrect nameservers in authority section

Quoting from Matus UHLAR - fantomas's mail on Wed, Dec 22, 2010: > > Case 1: > > > > Domain: e-nxt.com > > Real Nameservers: ns1.webpresenceworld.com. ns2.webpresenceworld.com. > > Fake Nameservers: ns5.zenexpress.com. ns6.zenexpress.com. > > Why fake? > > Both ns1.webpresenceworld.com and ns2.

Re: Bind not returning A record

Paul Ooi Cong Jen wrote: kwsp.gov.my.86400 IN NS ns3.pttcdc.com.my. ;; Received 109 bytes from 137.189.6.21#53(ns2.cuhk.edu.hk) in 52 ms www.kwsp.gov.my.43200 IN CNAME www.yu.kwsp.gov.my. ;; Received 54 bytes from 202.184.117.10#53(ns3.pttcdc.com.my) in 2

Re: Bind not returning A record

On 22-Dec-2010, at 9:41 PM, Lyle Giese wrote: > Paul Ooi Cong Jen wrote: >> kwsp.gov.my.86400 IN NS ns3.pttcdc.com.my. >> ;; Received 109 bytes from 137.189.6.21#53(ns2.cuhk.edu.hk) in 52 ms >> >> www.kwsp.gov.my.43200 IN CNAME www.yu.kwsp.gov.my. >> ;; R

Re: Bind not returning A record

Am Wed, 22 Dec 2010 21:53:14 +0800 schrieb Paul Ooi Cong Jen : > > On 22-Dec-2010, at 9:41 PM, Lyle Giese wrote: > > > Paul Ooi Cong Jen wrote: > >> kwsp.gov.my.86400 IN NS ns3.pttcdc.com.my. > >> ;; Received 109 bytes from 137.189.6.21#53(ns2.cuhk.edu.hk) in 52 ms > >>

Re: Bind not returning A record

The A records for ns1.yu.kwsp.gov.my and ns2.yu.kwsp.gov.my is missing at the authoritative servers for the subdomain yu.kwsp.gov.my, ie : ns1.yu.kwsp.gov.my. 43200 IN A 202.162.21.163 ns2.yu.kwsp.gov.my. 43200 IN A 211.25.56.211 # dig @202.162.21.163 ns1.yu.kws

Re: DDNS fails. record allready exists

Hi, keep calm ;-) I do not await a solution in 5 minutes ;-) Am Dienstag, 21. Dezember 2010, 23:38:13 schrieb Bill Larson: > On Mon, Dec 20, 2010 at 1:34 PM, wrote: > > Hi List, > > I have not yet found a solution for my problem. So I came here: > > > > I use DDNS. Every night my server (in my l

Re: Bind not returning A record

In message <4e9b037f-4c66-460e-b70f-5ce9619ff...@takizo.com>, Paul Ooi Cong Jen writes: > Hi All, > > I am having problem with Bind query, but not sure is it client error or server > error. > Below is the server details. > > Server running FreeBSD 8.1 > Bind 9.7.0-P3 Upgrade. You really do

dnssec subzone not signed question

Greetings, Thanks to all for the excellent information on the list and taking the time to reply. Upgrading server hardware, RedHat SELinux, bind, dhcp and going for dnssec on these new machines. Getting close but still some basic questions before going to a production island of security. Signed

Re: ignoring incorrect nameservers in authority section

On ons 22 dec 2010 10:09:10 CET, Matus UHLAR - fantomas wrote Well, first find which is the real problem - domain delegated to invalisd servers, server providing invalid data, and than you have to fix what is broken. Give us a real example if we have to provider real solution. zone "rfc-ignor

Re: named: high memory usage under FreeBSD-7...?

Hi-- On Dec 21, 2010, at 4:34 PM, Doug Barton wrote: > You're combining too many variables. Whilst on the same platform (presumably > FreeBSD 7) install dns/bind94, run your tests. Then deinstall that, and > install dns/bind96; then run your tests. > > I suspect that what you're seeing is actua

Re: dnssec subzone not signed question

> Showing my ignorance, can I > Just not sign the dynamic subzones, wirelessN/buildingN.example.edu > , even though example.edu > is signed? Sure. As long as you don't put a DS record in the parent, you most certainly don't HAVE to sign the chi

BIND 9.7.3b1 is now available

Introduction BIND 9.7.3b1 is the first beta release of BIND 9.7.3. This document summarizes changes from BIND 9.7.1 to BIND 9.7.3. Please see the CHANGES file in the source code release for a complete list of all changes. Download The latest release of BIND 9 software can always

Re: dnssec subzone not signed question

Hi Alan, Sorry, still needing spoon fed. When you say DS record in the parent, would this be .example.edu or my parent .edu The end result is get example.edu as a dnssec secured zone by getting a DS record in .edu So it sounds like when I do upload the example.edu DS record to .edu, my subdomain

Re: DDNS fails. record allready exists

Also be careful about .local, that name is being used by the systems for "bonjour", so if you also use it, strange things have been known to happen. May I suggest e.g. .lan, .home, .xyz, ... On 22/12/10 21:06, magic-b...@damage.devloop.de wrote: > Hi, > keep calm ;-) I do not await a solution in 5

Re: DDNS fails. record allready exists

This is a DHCP issue and I would be re-asking on the dhcp list if the explantion below is not enough. Named is just honouring what is in the update requests. dhcpd trys to ensure it doesn't clobber records it doesn't have change control for. From memory it does this with a new lease by asking i

Re: Bind not returning A record

On 23-Dec-2010, at 4:39 AM, Mark Andrews wrote: > > In message <4e9b037f-4c66-460e-b70f-5ce9619ff...@takizo.com>, Paul Ooi Cong > Jen > writes: >> Hi All, >> >> I am having problem with Bind query, but not sure is it client error or >> server >> error. >> Below is the server details. >> >

Re: dnssec subzone not signed question

On 12/22/2010 6:49 PM, jim wrote: > Sorry, still needing spoon fed. No problem. You might be interested in a presentation that I gave at NANOG earlier in the year: ftp://ftp.isc.org/isc/pubs/pres/NANOG/50/DNSSEC-NANOG50.pdf > When you say DS record in the parent, would this be .example.edu >