On Fri, Apr 8, 2011 at 1:49 AM, Mark Andrews <ma...@isc.org> wrote: > Please explain the operating conditions under which when you think > this is a sensible thing to do? > > A nameserver without address records is pointless. > A nameserver pointing to a CNAME/DNAME causes resolution problems. >
Here is an example that works in BIND 9.6x: $ORIGIN . $TTL 86400 ; 1 day mydomain.com.au IN SOA ns0.mydomain.com.au. admin.mydomain.com.au. ( 2011010104 ; serial 43200 ; refresh (12 hours) 7200 ; retry (2 hours) 1209600 ; expire (2 weeks) 1800 ; minimum (30 minutes) ) $TTL 1800 ; 30 minutes NS ns0.mydomain.com.au. NS ns1.mydomain.com.au. NS ns2.mydomain.com.au. A 1.1.1.1 MX 10 mail.mydomain.com.au. $ORIGIN mydomain.com.au. ftp A 1.1.1.1 mail A 2.2.2.2 pop CNAME mail smtp CNAME mail ssh A 1.1.1.1 www CNAME mydomain.com.au. Is this domain 100% valid?... no... but it still works. The A records for the name servers are actually still resolving since the regsitrar will return them in glue. But understandably... this domain is not 100% valid. But to force the domain offline is just preventing many shared hosting environments to move to newer versions of BIND (or switch off of BIND since they do not understand the problem). Give a warning... that is fine... But to prevent the domain from loading is just too harsh and an immediate drastic measure during an upgrade. It would be nice if it was a configuration option just like all of the other checks. This same function seems also to be called in "update.c"...... also causing problems. I would just like this function to never be called but I have not been able to determine if it does other things necessary. -- Best regards, -Rodney Hives (Internet user since... well.... before Gore built it....)
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users