Is this a bug or a flaw in the DNS design? Some days ago we saw:

% dig @our-ns1 foo.bar ns
;; ANSWER SECTION:
foo.bar. 23h19m44s IN NS b.ns.foo.bar.
foo.bar. 23h19m44s IN NS a.ns.foo.bar.
;; ADDITIONAL SECTION:
;; None - NB <-----------------

% dig @our-ns2 foo.bar ns
;; ANSWER SECTION:
foo.bar. 2m51s IN NS a.ns.foo.bar.
foo.bar. 2m51s IN NS b.ns.foo.bar.
;; ADDITIONAL SECTION:
a.ns.foo.bar. 2m51s IN A 192.n.m.1
b.ns.foo.bar. 2m51s IN A 192.n.m.2

So, our-ns1 had a reference to their NSs (the names to be specific)
but the corresponding glue A records were missing. What happened
before to get us into this state is beyond my knowledge, but since
our-ns2 was counting down the glue A's TTL I take it they reached 0
and were simply discarded.

After 2m51s our-ns2 was able to refresh both sets of records, while
our-ns1 stayed out of sync for another 23h19m44s.

It would seem reasonable to me that the DNS should not keep NS
records unless it has at least some A records to support them.

Is this a bug or design flaw?
Gunnar Lindberg
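
The state described in the message above can be checked for mechanically. The following is an added example, not part of the original post: it parses dig-style answers and reports zones whose NS targets all sit inside the zone while no address record accompanies them, together with how long the NS set will stay cached. The function names and the 192.0.2.x addresses are constructed, and it assumes (as the post does) that an empty ADDITIONAL section means the server holds no address for those names.

```python
import re

# Constructed sample input modelled on the two dig outputs in the post
# (masked addresses replaced with documentation-range values).
NS1 = """\
;; ANSWER SECTION:
foo.bar. 23h19m44s IN NS b.ns.foo.bar.
foo.bar. 23h19m44s IN NS a.ns.foo.bar.
;; ADDITIONAL SECTION:
"""
NS2 = """\
;; ANSWER SECTION:
foo.bar. 2m51s IN NS a.ns.foo.bar.
foo.bar. 2m51s IN NS b.ns.foo.bar.
;; ADDITIONAL SECTION:
a.ns.foo.bar. 2m51s IN A 192.0.2.1
b.ns.foo.bar. 2m51s IN A 192.0.2.2
"""

def ttl_seconds(ttl):
    """Convert old-style dig TTLs such as '23h19m44s' (or plain seconds)."""
    if ttl.isdigit():
        return int(ttl)
    units = {"w": 604800, "d": 86400, "h": 3600, "m": 60, "s": 1}
    return sum(int(n) * units[u] for n, u in re.findall(r"(\d+)([wdhms])", ttl.lower()))

def parse_records(text):
    """Yield (owner, ttl_seconds, rtype, rdata) for each record line."""
    for line in text.splitlines():
        f = line.split()
        if len(f) >= 5 and not line.startswith(";") and f[2].upper() == "IN":
            yield f[0].lower(), ttl_seconds(f[1]), f[3].upper(), f[4].lower()

def stranded_delegations(text):
    """Return {zone: seconds} for zones whose NS targets all lie inside the
    zone and none of them has an address record in the same response."""
    recs = list(parse_records(text))
    addrs = {o for o, _, t, _ in recs if t in ("A", "AAAA")}
    zones = {}
    for owner, ttl, rtype, target in recs:
        if rtype == "NS":
            zones.setdefault(owner, []).append((target, ttl))
    out = {}
    for zone, targets in zones.items():
        in_zone = all(t == zone or t.endswith("." + zone) for t, _ in targets)
        if in_zone and not any(t in addrs for t, _ in targets):
            out[zone] = max(ttl for _, ttl in targets)
    return out
```

Run against the first sample it reports foo.bar. as stranded for 83984 seconds (23h19m44s); the second sample, where glue is present, reports nothing.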