Re: Out-of-zone data mistaken for glue?

Tue, 11 May 2010 04:54:37 -0700 

On 11/05/10 12:20, Barry Margolin wrote:

In article<[email protected]>,
  Phil Mayers<[email protected]>  wrote:


Following on from yesterdays query; if I have this zone:

test.com.               86400   IN      SOA     ...
test.com.               86400   IN      NS      ...
foo.test.com.           86400   IN      NS      ns.foo.test.com.
ns.foo.test.com.        86400   IN      A       192.168.254.254
www.foo.test.com.       86400   IN      A       192.168.1.1

...this zone loads fine, and www.foo.test.com does *not* resolve, which
is as expected I guess. However, neither bind nor named-checkzone report
the non-glue A record as an error. Is this expected?

(This is just curiosity - obviously it's a bad idea to populate zones
like this!)


Are you sure you have the trailing dot on that record?
Pretty sure. I can start out with no zone cut, insert one via "nsupdate", freeze the zone, and the resultant zone still reports no errors: 

== Initial zone, no zone cut ==

# dig @localhost test.com axfr
test.com.               86400   IN      SOA     ...
test.com.               86400   IN      NS      ...
www.foo.test.com.       86400   IN      A       192.168.1.1

== www host resolves as expected ==

# dig +norec +noide +noqu +noqr +norec @localhost www.foo.test.com
;; ANSWER SECTION:
www.foo.test.com.       86400   IN      A       192.168.1.1

;; AUTHORITY SECTION:
test.com.               86400   IN      NS      ...


== Insert the zone cut ==

# nsupdate
> server localhost
> zone test.com
> update add foo.test.com. 86400 NS ns1.example.com.
>

# dig @localhost test.com axfr
test.com.               86400   IN      SOA     ...
test.com.               86400   IN      NS      ...
foo.test.com.           86400   IN      NS      ns1.example.com.
www.foo.test.com.       86400   IN      A       192.168.1.1

== www host no longer resolves, as expected ==

# dig +norec +noide +noqu +noqr +norec @localhost www.foo.test.com
;; AUTHORITY SECTION:
foo.test.com.           86400   IN      NS      ns1.example.com.

== Flush the zone to disk ==

# rndc freeze test.com
# cat test.com
$ORIGIN .
$TTL 86400      ; 1 day
test.com                IN SOA  ...
                        NS      ...
$ORIGIN test.com.
foo                     NS      ns1.example.com.
$ORIGIN foo.test.com.
www                     A       192.168.1.1

== Run compilezone - no errors ==

# named-compilezone -o /dev/null test.com test.com
zone test.com/IN: loaded serial 2006405210
dump zone to /dev/null...done
OK
_______________________________________________
bind-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to