On Jul 30 2009, Danny Mayer wrote:
Chris Thompson wrote:
On Jul 28 2009, sth...@nethelp.no wrote:
% dig +short a dns3.potomacnetworks.com @a.gtld-servers.net
216.250.243.230
As long as that host record exists, with an IP different from what
your authoritative servers reply with, you are going to have problems,
because queries will be answered by the GTLD servers and not your own
authoritative servers.
This is the wretched "glue promoted to answer" bug (we can call it a
bug by now, surely?) which we are assured that the GTLD servers will
be cured of this year, next year, sometime, or ...
... well, they will have to fix it before they can roll out DNSSEC,
won't they?
No. The op always needs to notify the Registrar of their domain when the
address of any of their nameservers changes. That has always been a
requirement.
You are misinterpreting what I said. Of course erroneous glue needs to be
corrected. But there is no need for the servers to return IP addresses
provided for glue as an *answer* to a query, as the *.gtld-servers.net ones
do, rather than giving a proper referral. (At least their answers are not
marked authoritative, unlike those from some other nameservers.)
On Jul 30 2009, Stephane Bortzmeyer <bortzme...@nic.fr> wrote:
Not all the GTLD servers, only .com and .net.
(And edu, if you count that as a GTLD.) I should perhaps have made
it clearer that I meant "the servers called *.gtld-servers.net",
rather than "all servers for 'generic' top-level domains".
--
Chris Thompson
Email: c...@cam.ac.uk
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
