To:
dnsop@cafax.se
From:
Rob Austein <sra+dnsop@hactrn.net>
Date:
Thu, 20 Feb 2003 11:52:39 -0500
In-Reply-To:
<200302201539.QAA14337@wilfer1.cdg.chalmers.se>
Sender:
owner-dnsop@cafax.se
User-Agent:
Wanderlust/2.8.1 (Something) Emacs/20.7 Mule/4.0 (HANANOEN)
Subject:
Re: timeout of glue A record
At Thu, 20 Feb 2003 16:39:02 +0100 (MET), Gunnar Lindberg wrote: > > So, our-ns1 had a reference to their NSs (the names to be specific) > but the corresponding glue A records were missing. What happened > before to get us into this state is beyond my knowledge, but since > our-ns2 was counting down the glue A's ttl I take it they reached 0 > and were simply discarded. > > After 2m51s our-ns2 was able to refresh both set of records, while > our-ns1 stayed out of sync for another 23h19m44s. > > It would seem reasonable to me that the DNS should not keep NS > records unless it has at least some A records to support them. The resolver has to detect and recover from this situation. One way or another, the recovery involves lowering the NS TTLs (either explicitly, or just by realizing that it has gotten into this trap and issuing a query for the NS RRset even though there's an unexpired NS RRset in the resolver's cache). #---------------------------------------------------------------------- # To unsubscribe, send a message to <dnsop-request@cafax.se>.