John Von Essen on 12 Sep 2005 16:16:12 -0000
Mike,

Things actually do work properly, the very first time it loads on the
primary dns server. It loads fine, local lookups return all the right
bogus A records.

What happens is, when my secondary dns server tries to do a zone transfer
for this bogus domain against the primary server, the primary server
(following a named restart) no longer returns data for the local zone
file. And the secondary name server with the failed zone transfer errors
out saying I am not authoritative for apple.com.

There is nothing in logs, and like I said, the zone file previously worked
fine. I can never get apple.com working again on the primary. Even though,
ten minutes earlier, it was working fine.

It's very bizarre.

-John

On Mon, 12 Sep 2005, Michael C. Toren wrote:

> On Mon, Sep 12, 2005 at 11:27:42AM -0400, John Von Essen wrote:
> > So, then I go to my secondary nameserver, and set up apple.com as a slave
> > zone to the primary machine I just finished setting up. Do a ndc restart,
> > but this time BIND complains, it says I'm not authoritative for apple.com
> > (which I'm not...) and I can't complete the zone transfer.
> >
> > Now this is where it gets weird. If I go back to my primary dns, where
> > apple.com was previously working, and do an nslookup, it ignores my local
> > zone, and goes out to the authoritative DNS server for apple.com
>
> If things were working properly, in this configuration your nameserver
> would respond with the bogus A record for www.apple.com, and it would
> think that it was authoritative for the apple.com zone. Both problems
> you're reporting are symptoms of the same root cause -- that the zone on
> your primary is misconfigured or otherwise not loading properly. If you
> stop and start the daemon, what does bind write to your logfile on
> startup?
>
> > And it can't figure out how BIND disables itself for that local apple.com
> > zone that it somehow determined was not authoritative...
>
> If you define a zone in your named.conf file as master, and if the
> zonefile loads successfully, bind will report itself as authoritative.
> There's no magic where it checks against the root servers to confirm
> you're authorized to use the zone, or anything along those lines.
>
> HTH,
> -mct
>
> --
> perl -e'$u="\4\5\6";sub H{8*($_[1]%79)+($_[0]%8)}sub G{vec$u,H(@_),1}sub S{vec
> ($n,H(@_),1)=$_[2]}$_=q^{P`clear`;for$iX){PG($iY)?"O":" "forX8);P"\n"}for$iX){
> forX8){$c=scalar grep{G@$_}[$i-1Y-1Z-1YZ-1Y+1ZY-1ZY+1Z+1Y-1Z+1YZ+1Y+1];S$iY,G(
> $iY)?$c=~/[23]/?1:0:$c==3?1:0}}$u=$n;select$M,$C,$T,.2;redo}^;s/Z/],[\$i/g;s/Y
> /,\$_/xg;s/X/(0..7/g;s/P/print+/g;eval' # Michael C. Toren <mct@toren.net>
>
> ___________________________________________________________________________
> Philadelphia Linux Users Group -- http://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
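
An added example, not part of the original thread: one way to see whether a server is answering from a zone it has loaded is to send it a non-recursive query and read the AA (authoritative answer) bit in the reply header. The function names, the constructed sample replies and the 192.0.2.10 documentation address are assumptions made for this sketch.

```python
import socket
import struct

QR, AA, RA = 0x8000, 0x0400, 0x0080  # header flag bits (RFC 1035, section 4.1.1)

def build_query(name, qid=0x1234):
    """Type A, class IN query with RD clear, so the server answers only from its own data."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", qid, 0, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

def classify(response, qid=0x1234):
    """Report whether a reply came from a zone the server holds as master or slave."""
    if len(response) < 12:
        raise ValueError("truncated DNS header")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    if rid != qid or not flags & QR:
        raise ValueError("not a response to our query")
    rcode = flags & 0x000F
    if rcode:
        return "error (rcode %d)" % rcode
    if flags & AA:
        return "authoritative, %d answer(s)" % ancount
    return "not authoritative, %d answer(s)" % ancount

def ask(server, name, timeout=3.0):
    """Send the query over UDP to `server` and classify the reply (needs network access)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        return classify(s.recvfrom(512)[0])

def sample_reply(flags, ancount):
    """Constructed reply for www.apple.com; 192.0.2.10 is a documentation address."""
    q = build_query("www.apple.com")
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10])
    return struct.pack("!HHHHHH", 0x1234, flags, 1, ancount, 0, 0) + q[12:] + rr * ancount

if __name__ == "__main__":
    print(classify(sample_reply(QR | AA, 1)))      # zone loaded on this server
    print(classify(sample_reply(QR | RA, 1)))      # answer obtained from elsewhere
    print(classify(sample_reply(QR | RA | 5, 0)))  # REFUSED
```

Running `ask()` against the primary before and after the restart shows whether the AA bit disappears, which is the symptom described in the thread.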