Len,
To help us correct this problem temporarily, we decided to pull the
conducent.com zone
and load it as a master in all our NT Bind servers even though we are not
authoritative. The
zone pulled via named-xfer runs fine locally. This prevents any
interruptions due to this bug as
I cannot tolerate ANY downtime. I'd rather be out-of-date on this domain
than have problems.
BTW, I don't know why the zone works fine when loaded as a master on NT Bind
but
not when queried remotely.
-Kevin
----- Original Message -----
From: "Len Conrad" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, May 31, 2000 8:52 AM
Subject: [IMail Forum] OT: DNS news: Bug in NT port of BIND 8.2.2 p5, etc
> ==================
> 1.
>
> Tuesday night, we confirmed that the NT port of BIND 8.2.2p5 has a bug,
> exposed by this command:
>
> dig @ntbind.myhost.com adsdl.conducent.com a
>
> This bind query returns as query results no less than 48 distinct A
> resource records for that single hostname. Total nonsense, but that's in
> line with the huge number of other grievous errors DNS Expert finds in
> conducent's nameservers.
>
> The was found by a guy who was running pkzip win32 in sponsored mode. Some
> adbot loads as startup folder item, and queries the conducent.com DNS,
with
> query results killing BIND.
>
> The Unix version of BIND 8.2.2 p5 does not have this problem.
>
> We suppose any DNS query from BIND / NT that returns similar query results
> will also hang BIND.
>
> Fix1: I have built 2 quick'n'dirty batch files that can be used on your
NT
> / BIND machine. They will set up the NT Scheduler service to check BIND
> every 5 minutes on the localhost machine for a response, and stop/start
> 'ISC BIND' service if it doesn't respond. When kicked, BIND comes back to
> life.
>
> Email me off-line if you want these 2 files.
>
> Fix2: We are trying to compile BIND 8.2.3 RC3 and have succeeded for all
> the modules minus the BINDctrl.exe conrol panel that appears to be
missing
> files. If we get RC3 compiled, I will put it on
> http://BIND8NT.MEIway.com. We don't know yet if 8.2.3 has inherited this
> bug or not.
>
> =====================
> 2.
>
> The ISC people the NT port of 8.2.3 is holding up the 8.2.3 for the
> specific pb of 8.2.3 still failing, as is the case with 8.2.2 p5, to
listen
> on all ip addresses.
>
> =====================
> 3.
>
> Our friends at MenAndMice.com have published their DNS Health survey for
> 5-2000.
>
> "Are you part of the problem or are you part of the solution?"
>
> The full Domain Health Survey and explanations for the errors are at
>
> http://www.menandmice.com/dnsplace/healthsurvey.html?DHS0500
>
> Regards,
> Len
>
> Please visit http://www.ipswitch.com/support/mailing-lists.html
> to be removed from this list.
>
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
