Matt Pusateri wrote:
...Since there was certainly more material than I could cover in 2 hours, with everyone keeping up to speed, there was some talk of having a DNS class, where we could cover those more advanced topics in detail. It's being considered for November's class, the Saturday after the November meeting. More to follow on that, if it comes to fruition.
First let me thank you for an excellent presentation (on short notice
too, and hecklers aside). Maybe in the future we will get luck enough
to do a advance DNS, where we have more time to explore TSIG and
DNSSEC.
A lame server, comes from a lame delegation. It's not (usually) the fault of the server being blamed, but of the zone that points to it. Consider this scenario:I have a follow up, due to us running out of time.
It might be worth explaining what lame servers are as those new to DNS
will most likely see them in their DNS logs and might wonder what they
are.
- You run the zone, example.com
- You configure your zone file to have 3 NS records, ns1.example.com, ns2.example.com, and ns3.example.com
- You point these 3 NS records at 3 different servers, 1.2.3.2, 1.2.3.3, and 1.2.3.4
- You configure 1.2.3.2 and 1.2.3.3, but forget to configure 1.2.3.4
At this point, 1.2.3.4 is a "lame server", because if you ask it for example.com, it will give a non-authoritative response, if any. The more common scenario (and this is a real example from TriLUG's recent history), is where that "lame server" *USED* to be a valid DNS server, but has since been reformatted or reworked, and is no longer configured. We had old NS records left over from when certain individuals used to be backup slave servers for the trilug.org domain. This caused some confusion, and if you search you can probably find a history of it on the list.
Sorry for being slow in the response. :)
Aaron S. Joyner -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
