To: Randy Bush <randy@psg.com>
cc: David Conrad <david.conrad@nominum.com>, <dnsop@cafax.se>
From: Bruce Campbell <bruce.campbell@ripe.net>
Date: Mon, 28 Apr 2003 16:22:09 +0200 (CEST)
In-Reply-To: <E19A7Ip-000DoQ-NH@ran.psg.com>
Sender: owner-dnsop@cafax.se
Subject: Re: draft-ietf-dnsop-serverid-01.txt

On Mon, 28 Apr 2003, Randy Bush wrote in reply to David Conrad:

> > If the server at a particular IP address returns <bar> to query <baz>,
> > you issue a CH class ID.SERVER query to that IP address from the same
> > client that received the suspicious result (making the assumption that
> > the routing system has not changed the server that will receive that
> > query).
>
> that assumption is not at all safe

Myself, I've found that said assumption holds fairly true for:

	verify problem @nameserver
	dig identifier @nameserver
	verify problem @nameserver

where the results from the two enclosing verifies are identical, and the
command sequence is executed one after the other in quick succession, and
is repeated several times to discount rapid routing instabilities, which
is what most people do when performing diagnostics of a problem.

Without going into unique identifiers being returned with the query (ref
Vixie's mail on the subject), this does appear to be a workable solution
for 95% of cases, the other 5% being silly load-balancer games (e.g.,
queries of one type being directed to a specific host) which you cannot
diagnose being external to the load-balancer.

--==--
Bruce.

#----------------------------------------------------------------------
# To unsubscribe, send a message to <dnsop-request@cafax.se>.
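
The verify / identify / verify sequence from the message above, as an added shell example that is not part of the original message or the thread. The names bracketed_id, sim_query, QUERY, SIM_NODES and SIM_STATE, the return codes and the TXT query type are assumptions of this example; the node names and 192.0.2.x answers are constructed.

```shell
#!/bin/sh
# Added example, not from the thread: bracket the identity query between two
# checks of the problem query and repeat the whole sequence several times.
# QUERY is the lookup command; point it at sim_query to run offline.
QUERY=${QUERY:-dig +short +tries=1 +time=2}

# bracketed_id SERVER NAME TYPE [ROUNDS]
# Prints the identity when every round agrees. Return codes:
#   0 stable, 1 answer changed between the two enclosing checks,
#   2 identity differed between rounds, 3 no identity returned.
bracketed_id() {
    server=$1 name=$2 type=$3 rounds=${4:-5}
    seen="" i=0
    while [ "$i" -lt "$rounds" ]; do
        before=$($QUERY "@$server" "$name" "$type" | sort)
        # CH class ID.SERVER as named in the thread; TXT type is an assumption.
        id=$($QUERY "@$server" id.server CH TXT)
        after=$($QUERY "@$server" "$name" "$type" | sort)
        # The identity is only attributable if both enclosing checks agree.
        [ "$before" = "$after" ] || return 1
        [ -n "$id" ] || return 3
        if [ -n "$seen" ] && [ "$seen" != "$id" ]; then return 2; fi
        seen=$id
        i=$((i + 1))
    done
    printf '%s\n' "$seen"
}

# Constructed stand-in for dig, for offline runs only. SIM_NODES lists which
# node answers each successive query (cycled); a node named "bad" returns a
# different address. SIM_STATE is a file holding the query counter.
sim_query() {
    qname=$2
    n=$(cat "$SIM_STATE"); echo $((n + 1)) > "$SIM_STATE"
    set -- $SIM_NODES
    shift $((n % $#))
    case "$qname:$1" in
        id.server:*) echo "\"$1\"" ;;
        *:bad)       echo 192.0.2.66 ;;
        *)           echo 192.0.2.1 ;;
    esac
}
```

Against a real server, call it as `bracketed_id <nameserver> <name> <type>`; any non-zero return means the identity cannot be tied to the answer that was being investigated.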