RE: rndc flushname not working

2014-12-09 Thread Frank Bulk
Perhaps it wasn't NXDOMAIN -- I didn't capture the output. But there definitely was no answer. The institution only has two authoritative nameserver entries, both pointing to the same IP, so it was all down. In any case, why doesn't flushing the name work? Frank

Re: rndc flushname not working

2014-12-09 Thread Mark Andrews
Nameservers being down does not result in NXDOMAIN responses. I suspect that some of the auth servers were producing NXDOMAIN incorrectly. Flushing the name won't help in those cases. In message <001001d01429$1c857f70$55907e50$@iname.com>, "Frank Bulk" writes: > Our ISP operations are running

rndc flushname not working

2014-12-09 Thread Frank Bulk
Our ISP operations are running a mixture of 9.7.3 and 9.8.4 on several Debian servers and we've noticed that rndc flushname doesn't work many times. This weekend we had a local institution whose own authoritative DNS servers [all of them] were offline for 48+ hours and so there were several negati

RHEL, Centos, Fedora rpm 9.10.1-P1

2014-12-09 Thread Carl Byington
http://www.five-ten-sg.com/mapper/bind contains links to the source rpms, and build instructions.

Re: Problem with BIND 9.10.1-P1 recursion limits

2014-12-09 Thread Charles Swiger
Hi-- On Dec 9, 2014, at 12:04 PM, Mike Hoskins (michoski) wrote: > Wanted to point out that (perhaps sadly) this isn't so crazypants...or at > least not uncommon. The *edge* and *aka* references speak Akamai DNS+CDN. > From my last overview, this has gotten cleaner in the latest versions of > th

Re: Problem with BIND 9.10.1-P1 recursion limits

2014-12-09 Thread Mike Hoskins (michoski)
Thanks for digging in so fast. Our mitigation will be sticking to 9.9.6-P1, since we like ESV anyway. Wanted to point out that (perhaps sadly) this isn't so crazypants...or at least not uncommon. The *edge* and *aka* references speak Akamai DNS+CDN. From my last overview, this has gotten cleane

Re: Problem with BIND 9.10.1-P1 recursion limits

2014-12-09 Thread Evan Hunt
On Tue, Dec 09, 2014 at 05:51:58PM +, Evan Hunt wrote: > That's unexpected. I'll see if I can reproduce it. Okay, I can. Part of the problem is the somewhat crazypants DNS configuration of www.ibm.com: $ dig +noall +answer www.ibm.com www.ibm.com.3600IN CNAME www.i

Re: Q about named not responding the TCP queries

2014-12-09 Thread Alan Clegg
On 12/9/14, 8:17 AM, O'Neil,Kevin wrote: > We had a problem where named 9.3.5-P1 running on a Solaris8 [...] There are plenty of additional reasons than the problem you are seeing to upgrade past a version of BIND that is as out-of-date as yours. I'd perhaps rather ask -- what reason is there NOT

Re: Problem with BIND 9.10.1-P1 recursion limits

2014-12-09 Thread Evan Hunt
On Tue, Dec 09, 2014 at 05:46:36PM +, Stuart Henderson wrote: > It's 5 minutes with 9.10.1-P1 as well. That's unexpected. I'll see if I can reproduce it. -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc.

Re: Problem with BIND 9.10.1-P1 recursion limits

2014-12-09 Thread Stuart Henderson
On 2014/12/09 17:37, Evan Hunt wrote: > On Tue, Dec 09, 2014 at 05:17:52PM +, Tony Finch wrote: > > Yes, I could reproduce it after flushing my cache. Had to wait five > > minutes before the queries succeeded, which seems unpleasantly long. > > I don't know where that time comes from - the ARM

Re: Problem with BIND 9.10.1-P1 recursion limits

2014-12-09 Thread Evan Hunt
On Tue, Dec 09, 2014 at 05:17:52PM +, Tony Finch wrote: > Yes, I could reproduce it after flushing my cache. Had to wait five > minutes before the queries succeeded, which seems unpleasantly long. > I don't know where that time comes from - the ARM says the default > servfail-ttl is 10s. You'r

Re: Problem with BIND 9.10.1-P1 recursion limits

2014-12-09 Thread Tony Finch
Evan Hunt wrote: > > However, in this case I think it's because you had an empty cache, and > sending a second query will clear the problem up. In a future release, we > may want to lift the restrictions temporarily while priming. Yes, I could reproduce it after flushing my cache. Had to wait fi

Q about named not responding the TCP queries

2014-12-09 Thread O'Neil,Kevin
We had a problem where named 9.3.5-P1 running on a Solaris8 box stopped responding to TCP queries while still responding to UDP queries. There was still a listener on TCP port 53. It took a stop/start of named to correct the issue. At the time that this event occurred we saw this in the mes

Re: Problem with BIND 9.10.1-P1 recursion limits

2014-12-09 Thread Evan Hunt
On Tue, Dec 09, 2014 at 02:45:13PM +, Stuart Henderson wrote: > The new recursion limits (or at least the default values for them) seem > to have some problems. Simple example, if I start named for recursive > service, no forwarders, debugging enabled, and run "dig @::1 www.ibm.com a" > I get a

Problem with BIND 9.10.1-P1 recursion limits

2014-12-09 Thread Stuart Henderson
The new recursion limits (or at least the default values for them) seem to have some problems. Simple example, if I start named for recursive service, no forwarders, debugging enabled, and run "dig @::1 www.ibm.com a" I get a failure with numerous "exceeded max queries" log entries for gtld servers