On 17.02.17 10:58, bert hubert wrote:
On Fri, Feb 17, 2017 at 10:49:08AM +0100, Thomas Mieslinger wrote:
ovh changed its MX A records and now my employers Mail relays can't send
email to ovh.
Have you attempted to talk to OVH about their misconfiguration?
There is no misconfiguration at ovh.
I ask this because the DNS Resolver community keeps getting asked to solve
problems which are not ours. But it is easier to ask us to change.
We (BIND, Unbound) keep running into broken F5 configurations for example,
and yes, we can fix those with some special casing. But people always ask us
because we are easier to talk to than the operators of the F5 machines.
In my experience operating F5 gtm is hard... ( but that is completely of
topic.)
And so the code in resolvers becomes ever more a set of exceptions and
workarounds. And please know, every workaround breaks something else.
So please ask OVH to fix their stuff.
They can't.
If verisign had a policy like denic or .fr, this mess would not be in
the tld zone file.
Many many domains are wrongly delegated with wrong glue records in the tld
zone.
Let us not encourage broken things to work well. Some pain is quite
motivational to clean this up.
The pain is only felt by people who can't fix it.
I understand that this must have a performance impact but having the choice
between 1000s of customer calls a day "I can't send emails to ovh and it is
your fault" and buying some more recursor boxes, I clearly want more
recursor boxes and less disappointed customers.
The disappointed customers may want to ask OVH why it is publishing the
wrong IP addresses?
It is not ovh publishing wrong A records, it is glue from the tld zone.
The example domain is register with gandi.net, so gandi or their
customer would need to update NS Records and glue. I can't fix it, ovh
can't fix it.
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
