On 17.01.20 22:03, Crist Clark wrote:
We have a service vendor with broken DNS. It looks like a well known problem of F5 load balancers. For the name,efederation.wip.ceridian.com (you get redirected there from https://iam.ceridian.com) The DNS "servers" return an answer for a A request, but when you ask for any other record type, they send a name-does-not-exist status, "NXDOMAIN." Once our caching BIND servers get the NXDOMAIN response, the A record info doesn't matter anymore. They return NXDOMAIN for a A record query too. Yes, yes, I know the Right Answer is to get the vendor to fix their load balancer. But we get the "it works when we're at home," "it works with Google/Cloudflare DNS," "it works on my phone when I use mobile data," so our DNS server must be broken. We have to make it work while we convince the vendor to fix it.
knowing their DNS when they are at home and use mobile data, plus a few requests to google DNS could change their "it works when..." I don't know how google DNS works, some reported it not following standard much. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. (R)etry, (A)bort, (C)ancer _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
