Maintained by: NLnet Labs

[Unbound-users] Old or incorrect information returned?

Florian Weimer
Fri Nov 6 13:54:49 CET 2009


* Haw Loeung:

>> The domain is still hosted on nextgen.net, with the old zone contents,
>> including the old NS RRset.  
>
> No, it should be as follows:
>
> ======
> $ dig +trace supre.com.au
> <snip>
> com.au.                 259200  IN      NS      udns2.ausregistry.net.au.
> com.au.                 259200  IN      NS      udns3.ausregistry.net.au.
> com.au.                 259200  IN      NS      udns4.ausregistry.net.au.
> ;; Received 429 bytes from 2001:dc0:2001:a:4608::59#53(A1.AUDNS.NET.au) in 689 ms
>
> supre.com.au.           14400   IN      NS      ns1.hyperservers.com.au.
> supre.com.au.           14400   IN      NS      ns2.hyperservers.com.au.
> supre.com.au.           14400   IN      NS      ns1.cpanelhost.net.au.
> supre.com.au.           14400   IN      NS      ns2.cpanelhost.net.au.
> ;; Received 162 bytes from 211.29.133.32#53(audns.optus.net) in 3 ms
> ======

Yes, but if you ask the nextgen.net servers due to the existing cache
contents, you keep getting the information that the nextgen.net
servers are still authoritative, so it's not necessary to ask the
com.au servers for fresh data.

I don't know the industry consensus regarding appropriate resolver
here.  Re-validating glue has obvious pros (it would help in your
scenario), but also cons (more load on large, delegation-centric
zones).

-- 
Florian Weimer                <fweimer at bfk.de>
BFK edv-consulting GmbH       http://www.bfk.de/
Kriegsstraße 100              tel: +49-721-96201-1
D-76133 Karlsruhe             fax: +49-721-96201-99