Re: BIND 8 data loss problem
This is a discussion on Re: BIND 8 data loss problem within the Bind Users forums, part of the DNS and Related Forums category; > The NS records in the response have been moved from the Answer Section > to the Authority Section, which ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-17-2005
|
|||
|
|||
Re: BIND 8 data loss problem
> The NS records in the response have been moved from the Answer Section > to the Authority Section, which makes more sense since the response is > effectively a referral. See > > 1461. [func] return referrals for glue (NS/A/AAAA) if > recursion is > disabled (recursion no;). > > in the src/CHANGES file. > > If you want to provide an actual *answer* to that question, then you > either need to recurse for it (which would require loosening your > recursion settings) or be authoritative (i.e. a slave) for the zone. > It's possible you might be able to accomplish this by defining the child > as a "stub" zone, but I don't have a working installation of 8.4.6 to be > able to confirm or deny this... > > > - Kevin Note also this is a authorative only server (recursion no;). End systems are not expected to query this directly but rather through a iterative resolver. A iterative resolver will follow the referral and get the NS records from the slave. > Ann James wrote: > > >Hi, > > > >I am trying to replace older BIND versions 8.2.2 and 8.2.7 with 8.4.6 on > >a Solaris8 platform. The 8.2 packages were built by someone else and I > >do not have their build environment. > > > >I am building 8.4.6 on a Solaris8 platform and it appears to work fine. > > But I'm am experiencing data loss for certain records. I have also > >tried 8.4.5 and had the same results as 8.4.6. I'm using the standard > >out of the box compile. > > > >Here are some of the RRs I am having trouble with: > > > >wood.schc.meed.zaboo.org. NS woodaa.schc.meed.zaboo.org. > >wood.schc.meed.zaboo.org. NS woodab.schc.meed.zaboo.org. > >17.88.82.166.in-addr.arpa. PTR wood.schc.meed.zaboo.org. > > > >This happens about 300 times throughout the data, all RRs setup with > >both PTR and NS to the same FQDN. In this case wood.schc.meed.zaboo.org. > > > >Under 8.4.6 when I dig for PTR records I get 1 answer as expected. > >Under 8.2.2 / 8.2.7 when I dig for PTR records I get 1 answer as expected. > > > >Under 8.4.6 when I dig for NS records I get 0 answers. > >Under 8.2.2 & 8.2.7 when I dig for NS records I get the expected response. > > > >Why won't BIND 8.4.6 provide an authoritative answer for these records? > > It is a customer's data and they are reluctant to change it. This data > >is a private namespace behind a firewall. > > > >I have whittled the data down to the bare minimum required to reproduce > >the problem. I've attached below the conf and db files, dig results > >from both servers and syslog messages logged by both servers. Sorry for > >the long post. > > > >Any help would be greatly appreciated. I'm at a loss right now. > > > >Ann > > > >-------------- File: named.conf -------------- > >controls { > > inet 127.0.0.1 port 953 allow { localhost; }; > >}; > > > >options { > > directory "/opt/test"; > > > > fetch-glue no; > > multiple-cnames yes; > > > > recursion no; > > > > check-names master ignore; > > check-names response ignore; > > check-names slave ignore; > > > > allow-transfer { any; }; > > allow-query { any; }; > > > > auth-nxdomain yes; > > rrset-order { order fixed; }; > > > > files unlimited; > > notify no; > > > > dump-file "/var/test/dump.db"; > > statistics-file "/var/test/stats"; > > > > version "RESTRICTED"; > > > > statistics-interval 30; > > > > query-source address * port 53; > >}; > > > >logging { > > channel ns_syslog { > > syslog daemon; > > severity info; > > }; > > channel ns_queries { > > file "/var/test/queries" size 300M; > > print-time yes; > > severity dynamic; > > }; > > channel ns_security { > > file "/var/test/security" size 30M; > > print-time yes; > > print-category yes; > > print-severity yes; > > severity notice; > > }; > > channel ns_stats { > > file "/var/test/stats" size 300M; > > print-time yes; > > severity info; > > }; > > channel ns_cname { > > file "/var/test/cname" size 300M; > > print-time yes; > > severity info; > > }; > > channel ns_lame { > > file "/var/test/lame" size 300M; > > print-time yes; > > severity info; > > }; > > channel ns_debug { > > file "/var/test/debug" size 300M; > > print-time yes; > > print-category yes; > > print-severity yes; > > severity dynamic; > > }; > > channel ns_default { > > file "/var/test/syslog" versions 3 size 100M; > > print-time yes; > > severity info; > > }; > > > > category default { ns_default; ns_debug; }; > > > > category statistics { ns_stats; }; > > category queries { ns_queries; }; > > category cname { ns_cname; }; > > category lame-servers { ns_lame; }; > > category panic { default_syslog; default_stderr; ns_debug; }; > > category xfer-in { ns_default; }; > > category xfer-out { ns_default; }; > > category security { ns_default; }; > > category packet { ns_debug; }; > > category update { ns_default; }; > >}; > > > >zone "schc.meed.zaboo.org" in { > > type master; > > file "db.schc.meed.zaboo.org"; > > check-names warn; > > notify no; > >}; > > > >zone "82.166.in-addr.arpa" in { > > type master; > > file "db.82.166.in-addr.arpa"; > > check-names warn; > > notify no; > >}; > > > >//zone "." in { > >// type hint; > >// file "db.cache"; > >//}; > > > >zone "0.0.127.in-addr.arpa" in { > > type master; > > file "db.127.0.0"; > >}; > > > >-------------- File: db.schc.meed.zaboo.org -------------- > >;================================================ =========================== > >; Addresses and other host information for zone: schc.meed.zaboo.org > >;================================================ =========================== > >@ IN SOA ns13.zaboo.org. dns.meed.zaboo.org. ( > > 1786 ; Serial No. > > 3600 ; Refresh > > 900 ; Retry > > 604800 ; Expire > > 86400 ) ; Default TTL > >; > > IN NS ns13.zaboo.org. > > IN NS ns11.zaboo.org. > > IN NS ns12.zaboo.org. > > > >wood.schc.meed.zaboo.org. IN NS woodaa.schc.meed.zaboo.org. > >wood.schc.meed.zaboo.org. IN NS woodab.schc.meed.zaboo.org. > > > >;************* > >; A records > >;************* > >woodab 86400 IN A 166.82.88.17 > >woodaa IN A 166.82.88.18 > > > >woodab.schc.meed.zaboo.org. 86400 IN MX 10 WOODAB.schc.meed.zaboo.org. > >woodaa.schc.meed.zaboo.org. 86400 IN MX 10 WOODAA.schc.meed.zaboo.org. > > > >-------------- File: db.82.166.in-addr.arpa -------------- > >;================================================ =========================== > >; Reverse Addresses (PTR Records) for zone: 82.166.in-addr.arpa > >;================================================ =========================== > >@ IN SOA ns13.zaboo.org. dns.meed.zaboo.org. ( > > 1891 ; Serial No. > > 3600 ; Refresh > > 900 ; Retry > > 604800 ; Expire > > 86400 ) ; Default TTL > >; > > IN NS ns13.zaboo.org. > > IN NS ns11.zaboo.org. > > IN NS ns12.zaboo.org. > >; > >;************** > >; PTR records > >;************** > >18.88 IN PTR wood.schc.meed.zaboo.org. > >17.88 IN PTR wood.schc.meed.zaboo.org. > > > >18.88 IN PTR woodaa.schc.meed.zaboo.org. > >17.88 86400 IN PTR woodab.schc.meed.zaboo.org. > > > >-------------- File: db.127.0.0 -------------- > >;================================================ =========================== > >; Local server zone information: 0.0.127.in-addr.arpa > >;================================================ =========================== > >@ IN SOA ns13.zaboo.org. dnsadmin.zaboo.org. ( > > 1 ; Serial No. > > 21600 ; Refresh > > 3600 ; Retry > > 604800 ; Expire > > 86400 ) ; Default TTL > >; > > IN NS ns13.zaboo.org. > >1 IN PTR localhost. > > > >-------------- File: 846.dig.out -------------- > ># dig @127.0.0.1 NS wood.schc.meed.zaboo.org. > > > >; <<>> DiG 8.4 <<>> @127.0.0.1 NS wood.schc.meed.zaboo.org. > >; (1 server found) > >;; res options: init recurs defnam dnsrch no-nibble2 > >;; got answer: > >;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15533 > >;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2 > >;; QUERY SECTION: > >;; wood.schc.meed.zaboo.org, type = NS, class = IN > > > >;; AUTHORITY SECTION: > >wood.schc.meed.zaboo.org. 1D IN NS woodaa.schc.meed.zaboo.org. > >wood.schc.meed.zaboo.org. 1D IN NS woodab.schc.meed.zaboo.org. > > > >;; ADDITIONAL SECTION: > >woodaa.schc.meed.zaboo.org. 1D IN A 166.82.88.18 > >woodab.schc.meed.zaboo.org. 1D IN A 166.82.88.17 > > > >;; Total query time: 4 msec > >;; FROM: ns01 to SERVER: 127.0.0.1 > >;; WHEN: Thu Feb 17 15:50:55 2005 > >;; MSG SIZE sent: 42 rcvd: 116 > > > ># dig @127.0.0.1 PTR 17.88.82.166.in-addr.arpa. > > > >; <<>> DiG 8.4 <<>> @127.0.0.1 PTR 17.88.82.166.in-addr.arpa. > >; (1 server found) > >;; res options: init recurs defnam dnsrch no-nibble2 > >;; got answer: > >;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29999 > >;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 0 > >;; QUERY SECTION: > >;; 17.88.82.166.in-addr.arpa, type = PTR, class = IN > > > >;; ANSWER SECTION: > >17.88.82.166.in-addr.arpa. 1D IN PTR wood.schc.meed.zaboo.org. > >17.88.82.166.in-addr.arpa. 1D IN PTR woodaa.schc.meed.zaboo.org. > > > >;; AUTHORITY SECTION: > >82.166.in-addr.arpa. 1D IN NS ns13.zaboo.org. > >82.166.in-addr.arpa. 1D IN NS ns11.zaboo.org. > >82.166.in-addr.arpa. 1D IN NS ns12.zaboo.org. > > > >;; Total query time: 3 msec > >;; FROM: ns01 to SERVER: 127.0.0.1 > >;; WHEN: Thu Feb 17 15:51:08 2005 > >;; MSG SIZE sent: 43 rcvd: 159 > > > >-------------- File: 827.dig.out -------------- > ># dig @127.0.0.1 NS wood.schc.meed.zaboo.org. > > > >; <<>> DiG 8.4 <<>> @127.0.0.1 NS wood.schc.meed.zaboo.org. > >; (1 server found) > >;; res options: init recurs defnam dnsrch no-nibble2 > >;; got answer: > >;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59378 > >;; flags: qr rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2 > >;; QUERY SECTION: > >;; wood.schc.meed.zaboo.org, type = NS, class = IN > > > >;; ANSWER SECTION: > >wood.schc.meed.zaboo.org. 1D IN NS woodaa.schc.meed.zaboo.org. > >wood.schc.meed.zaboo.org. 1D IN NS woodab.schc.meed.zaboo.org. > > > >;; ADDITIONAL SECTION: > >woodaa.schc.meed.zaboo.org. 1D IN A 166.82.88.18 > >woodab.schc.meed.zaboo.org. 1D IN A 166.82.88.17 > > > >;; Total query time: 3 msec > >;; FROM: ns01 to SERVER: 127.0.0.1 > >;; WHEN: Thu Feb 17 15:48:22 2005 > >;; MSG SIZE sent: 42 rcvd: 116 > > > ># dig @127.0.0.1 PTR 17.88.82.166.in-addr.arpa. > > > >; <<>> DiG 8.4 <<>> @127.0.0.1 PTR 17.88.82.166.in-addr.arpa. > >; (1 server found) > >;; res options: init recurs defnam dnsrch no-nibble2 > >;; got answer: > >;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17127 > >;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 0 > >;; QUERY SECTION: > >;; 17.88.82.166.in-addr.arpa, type = PTR, class = IN > > > >;; ANSWER SECTION: > >17.88.82.166.in-addr.arpa. 1D IN PTR wood.schc.meed.zaboo.org. > >17.88.82.166.in-addr.arpa. 1D IN PTR woodaa.schc.meed.zaboo.org. > > > >;; AUTHORITY SECTION: > >82.166.in-addr.arpa. 1D IN NS ns13.zaboo.org. > >82.166.in-addr.arpa. 1D IN NS ns11.zaboo.org. > >82.166.in-addr.arpa. 1D IN NS ns12.zaboo.org. > > > >;; Total query time: 3 msec > >;; FROM: ns01 to SERVER: 127.0.0.1 > >;; WHEN: Thu Feb 17 15:49:01 2005 > >;; MSG SIZE sent: 43 rcvd: 159 > > > >-------------- File: logs/846/syslog -------------- > >17-Feb-2005 15:50:44.141 Zone "schc.meed.zaboo.org" (file > >db.schc.meed.zaboo.org): No default TTL ($TTL <value>) set, using SOA > >minimum instead > >17-Feb-2005 15:50:44.143 master zone "schc.meed.zaboo.org" (IN) loaded > >(serial 1786) > >17-Feb-2005 15:50:44.144 Zone "82.166.in-addr.arpa" (file > >db.82.166.in-addr.arpa): No default TTL ($TTL <value>) set, using SOA > >minimum instead > >17-Feb-2005 15:50:44.144 master zone "82.166.in-addr.arpa" (IN) loaded > >(serial 1891) > >17-Feb-2005 15:50:44.145 Zone "0.0.127.in-addr.arpa" (file db.127.0.0): > >No default TTL ($TTL <value>) set, using SOA minimum instead > >17-Feb-2005 15:50:44.145 master zone "0.0.127.in-addr.arpa" (IN) loaded > >(serial 1) > >17-Feb-2005 15:50:44.152 listening on [127.0.0.1].53 (lo0) > >17-Feb-2005 15:50:44.162 Forwarding source address is [::].37248 > >17-Feb-2005 15:50:44.163 Forwarding source address is [0.0.0.0].53 > >17-Feb-2005 15:50:44.181 Ready to answer queries. > >17-Feb-2005 15:52:44.395 named shutting down > > > >-------------- File: logs/827/syslog -------------- > ># cat logs/827/syslog > >17-Feb-2005 15:47:29.225 Zone "schc.meed.zaboo.org" (file > >db.schc.meed.zaboo.org): No default TTL set using SOA minimum instead > >17-Feb-2005 15:47:29.228 master zone "schc.meed.zaboo.org" (IN) loaded > >(serial 1786) > >17-Feb-2005 15:47:29.228 Zone "82.166.in-addr.arpa" (file > >db.82.166.in-addr.arpa): No default TTL set using SOA minimum instead > >17-Feb-2005 15:47:29.229 master zone "82.166.in-addr.arpa" (IN) loaded > >(serial 1891) > >17-Feb-2005 15:47:29.230 Zone "0.0.127.in-addr.arpa" (file db.127.0.0): > >No default TTL set using SOA minimum instead > >17-Feb-2005 15:47:29.231 master zone "0.0.127.in-addr.arpa" (IN) loaded > >(serial 1) > >17-Feb-2005 15:47:29.236 listening on [127.0.0.1].53 (lo0) > >17-Feb-2005 15:47:29.248 Forwarding source address is [0.0.0.0].53 > >17-Feb-2005 15:47:29.278 Ready to answer queries. > >17-Feb-2005 15:47:29.279 i_sysop: nlookup error on ?, db.cache file is > >missing or empty > >17-Feb-2005 15:49:47.858 named shutting down > > > > > > > > > > > > > > > > > -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org 
|
Linear Mode
