Re: named-checkconf error
On Dec 7 2008, Mark Andrews wrote: named-checkzone calls getaddrinfo() to lookup addresses of servers which are not in the zone. That lookup has failed. For a start I would fix this delegation error. The NS RRset on both sides of the delegation should be the same. capmark.com.172800 IN NS ns1.gmaccm.com. capmark.com.172800 IN NS ns2.gmaccm.com. ;; Received 116 bytes from 192.42.93.30#53(G.GTLD-SERVERS.NET) in 175 ms quarantine1.capmark.com. 7200 IN A 216.83.188.21 capmark.com.86400 IN NS ns1.capmark.com. capmark.com.86400 IN NS ns2.capmark.com. ;; Received 125 bytes from 216.83.188.8#53(ns1.gmaccm.com) in 227 ms It seems rather unlikely that this has anything to do with the OP's problem, as the IP addresses of ns{1,2}.gmaccm.com and ns{1,2}.capmark.com are the same, i.e. 216.83.188.{8,9}, in the glue as well as in the zones. But technically, of course, Mark is right: you ought to fix this (for gmaccm.com as well as for capmark.com). In message [EMAIL PROTECTED], Steve Shockley wrote: I'm running BIND 9.4.2 on OpenBSD 4.3. I'm getting some errors with named-checkconf I don't really understand. I'm running: named-checkzone -t /var/named capmarksecurities.com /master/db.capmarksecurities.com and I get: zone capmarksecurities.com/IN: getaddrinfo(quarantine1.capmark.com) failed: non-recoverable failure in name resolution [etc.] This appears to happen with all zones with MX records that are in a different zone. The zone loads and seems to work as expected. What's going wrong? Something is wrong with the configuration of the host on which you ran named-checkzone. Either its resolver configuration is screwed, or getaddrinfo() isn't getting as far as using the resolver. Can you do host address lookups at all there? You can suppress the check by using -i local on named-checkzone (see the man page). But it would be better to fix the configuration problem, of course. -- Chris Thompson Email: [EMAIL PROTECTED] ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Round robin DNS and only one record?
Greetings all. Is it possible to set up BIND in such a way that if there are multiple A-records for a specific host, instead of returning all of them in response to a request and only changing the order with every second request, the server only returns one A-record, and varies that A-record with every second request? A little background: I am preparing to retire an aging load-balancing appliance which does dynamic load balancing based on various criteria. In any given response to a request for an A-record, only one IP address is returned, thus: ;; ANSWER SECTION: foo.test.com. 86400 IN A 192.168.1.10 With every other request, the IP varies. BIND's default behavior is to hand out both IPs, thus: ;; ANSWER SECTION: foo.test.com. 86400 IN A 192.168.1.10 foo.test.com. 86400 IN A 192.168.1.11 With every other request, the IPs' order changes. Certain browsers hitting our web application don't like having two A-records handed to them (I'm still in the process of figuring out why), and much prefer the first example above. We have two geographically dispersed locations, and too much traffic to realistically concentrate all of it to just one of the locations at present. Our load-balancer is near death, and I'm scrambling to replace it. I'm prepared to deal with the disaster-recovery scenario in which one of our locations becomes unavailable. My main objective is to replicate the behavior of our existing load balancer from the point of view of the end user, but ignore the dynamic aspect of it and use BIND to handle DNS. Any help or advice would be greatly appreciated. Best regards, Dustin Lovell America First Credit Union ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Round robin DNS and only one record?
In article [EMAIL PROTECTED], Dustin Lovell [EMAIL PROTECTED] wrote: Certain browsers hitting our web application don't like having two A-records handed to them (I'm still in the process of figuring out why), and much prefer the first example above. Really? So these browsers can't access www.google.com, which has four A records? I don't think BIND can be forced to return only one A record at a time without code changes. Why don't you replace your aging load balancer with a new load balancer? -- Barry Margolin, [EMAIL PROTECTED] Arlington, MA *** PLEASE don't copy me on replies, I'll read them in the group *** ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users