Re: [GnuDIP] nsupdate & djb's dnscache are not friends :-(
Please remember to reply to the mailing list, not the original sender: http://gnudip2.sourceforge.net/#mailinglist + On Tuesday 23 April 2002 20:06, Mariano Absatz wrote: > > I'm not subscribed to the BIND list and most comments of this kind > tend to generate short of a flame ware in djbdns war :-) > here are the comments made on [EMAIL PROTECTED] (djbdns ml) so far +-- On Apr 22, Thilo Bangert said: > it seems nsupdate is doing an any query and is expecting the soa record > to be returned, something dnscache does not seem to do. When answering a QTYPE=* query, if dnscache finds records for the QNAME in its cache, it will only respond with one record type - CNAME if possible, else NS if possible, else various others. If dnscache doesn't find any cached records (or a cached NODATA/NXDOMAIN), then it will recursively resolve the domain and return all of the records it gets >from an authoritative server. > other comments? Perhaps you should just ask for an SOA, if that's what you want, instead of asking for ANY. But I don't know anything about nsupdate. "Rob Mayoff" <[EMAIL PROTECTED]> wrote: > +-- On Apr 22, Thilo Bangert said: >> other comments? > > Perhaps you should just ask for an SOA, if that's what you want, instead > of asking for ANY. But I don't know anything about nsupdate. IIUC, they aren't looking for SOA. They're getting NXDOMAIN for the query name and expecting in that case to see the SOA for the *parent* domain, which dnscache does not provide. paul -- GnuDIP Mailing List http://gnudip2.sourceforge.net/#mailinglist
Re: [GnuDIP] nsupdate & djb's dnscache are not friends :-(
FYI, Paul Jarc commented to Thilo's forwarding to djbdns list that nsupdate is getting a an NXDOMAIN and expecting an SOA for the PARENT domain, which dnscache doesn't provide... --- Begin Message --- "Rob Mayoff" <[EMAIL PROTECTED]> wrote: > +-- On Apr 22, Thilo Bangert said: >> other comments? > > Perhaps you should just ask for an SOA, if that's what you want, instead > of asking for ANY. But I don't know anything about nsupdate. IIUC, they aren't looking for SOA. They're getting NXDOMAIN for the query name and expecting in that case to see the SOA for the *parent* domain, which dnscache does not provide. paul --- End Message ---
Re: [GnuDIP] nsupdate & djb's dnscache are not friends :-(
Please remember to reply to the mailing list, not the original sender: http://gnudip2.sourceforge.net/#mailinglist + El 22 Apr 2002 a las 15:13, Creighton MacDonnell escribió: > > I suppose it is possible that there may be interoperability issues > between BIND components and djbdns components. > > I think the BIND people have tried very hard to be compatible with > standards, and probably Dan Bernstein has too. But this would not be the > first time that a standard was general enough to allow incompatible > interpretations. > > I suppose this kind of issue might best be discussed on the BIND or > djbdns mailing lists, although you are welcome to use this one if you > like. I suspect there would be more BIND and djbdns expertise on those > lists though. Most probably so... I sent it here before, cause GnuDIP is relaying on nsupdate for this so as to, at least, drop a line in the docs about this. I'm not subscribed to the BIND list and most comments of this kind tend to generate short of a flame ware in djbdns war :-) > > I have not looked through your traces in detail. But I expect the > problem must be occuring during the "first phase" of nsupdate's > operation, when it is trying to determine what server to actually send > the update message to (i.e. the master server for the zone, as specified > in the SOA for the zone). I would think once it new what (BIND) server > to send the actual update to it would probably be OK. It is so. > > If there is a real need for you to have a djbdns cache in between you > and the BIND server for the dynamic domain, it might be possible to > modify GnuDIP to insert a "server" directive to nsupdate. This directive > is currently not used because it is not available in BIND 8. If your > BIND version (well, nsupdate anyway)is 9, and you have sufficient > facility with Perl, you could try inserting a "server" directive telling > nsupdate the server to send the update to. This might make it work. Yes, probably. In fact, I expect to migrate my main servers to tinydns so I will stop using nsupdate by then. It was most on the line of helping others that might bump in to the same thing at least to know what's going wrong... Thanx for the advice. > > Mariano Absatz wrote: > > > > > > El 22 Apr 2002 a las 21:17, Thilo Bangert escribió: > > > > > > > > On Monday, 22. April 2002 21:03, you wrote: > > > > Hi, > > > > > > Hi > > > > > > > > > > > I just installed GnuDIP 2.3.5 and was toying around and > > > > adjusting things when it "suddenly" stopped working. I > > > > couldn't update via web or via tcp... I checked and > > > > noticed that in fact, I wasn't able to make a > > > > successful nsupdate even via command line. > > > > > > > > I added "-d" to nsupdate and saw that the error message > > > > said something about not getting a SOA record. > > > > > > > > A "host -t soa host.dyndomain.mydomain.com" didn't get > > > > a SOA record but, as far as I remembered, never did. > > > > The SOA belongs to dyndomain.mydomain.com not to > > > > host.dyndomain.mydomain.com. > > > > > > > > After a while I remembered I had changed the order of > > > > the nameserver entries in /etc/resolv.conf in the > > > > GnuDIP host. > > > > > > > > Originally there was a BIND resolver (not the BIND > > > > authoritative server) and I had put it below a DJB's > > > > dnscache. > > > > > > > > After digging enough I noticed the following. > > > > > > > > With the BIND resolver I got the following: > > > > > # dnsqr any host.dyndomain.mydomain.com > > > > > 255 host.dyndomain.mydomain.com: > > > > > 97 bytes, 1+0+1+0 records, response, authoritative, nxdomain > > > > > query: 255 host.dyndomain.mydomain.com > > > > > authority: dyndomain.mydomain.com 10 SOA ns1.dyndomain.mydomain.com > > > > > hostmaster.dyndomain.mydomain.com 2002042214 10800 3600 360 10 > > > > > > > > And with DJB's dnscache: > > > > > # dnsqr any host.dyndomain.mydomain.com > > > > > 255 host.dyndomain.mydomain.com: > > > > > 41 bytes, 1+0+0+0 records, response, authoritative, nxdomain > > > > > query: 255 host.dyndomain.mydomain.com > > > > > > > > Note that BIND includes an authority section for > > > > whoever has authority to that domain, whereas dnscache > > > > does not. > > > > > > > > The point is, if you are using nsupdate, you CAN'T > > > > resolve via dnscache. > > > > > > why do you conclude that? i can't seem to follow you... > > > > > 192.168.1.2 is running dnscache > > 192.168.1.99 is running bind 8.2.3 (cache only) > > > > /etc/resolv.conf has > > nameserver 192.168.1.2 > > nameserver 192.168.1.99 > > > > > # nsupdate -d -v > > > > update delete baby.dyn.pertisp.com.ar. in a > > > > > > > Reply from SOA query: > > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49055 > > > ;; flags: qr rd ra ; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 > > > ;; QUESTION SECTION: > > > ;baby.dyn.pertisp.com.ar. IN SOA > > > > > > > > > response to SOA query didn't contain an SOA > > > #
Re: [GnuDIP] nsupdate & djb's dnscache are not friends :-(
Please remember to reply to the mailing list, not the original sender: http://gnudip2.sourceforge.net/#mailinglist + On Monday, 22. April 2002 22:07, you wrote: > El 22 Apr 2002 a las 21:17, Thilo Bangert escribió: > > On Monday, 22. April 2002 21:03, you wrote: > > > Hi, > > > > Hi > > > > > I just installed GnuDIP 2.3.5 and was toying around and > > > adjusting things when it "suddenly" stopped working. I > > > couldn't update via web or via tcp... I checked and > > > noticed that in fact, I wasn't able to make a > > > successful nsupdate even via command line. > > > > > > I added "-d" to nsupdate and saw that the error message > > > said something about not getting a SOA record. > > > > > > A "host -t soa host.dyndomain.mydomain.com" didn't get > > > a SOA record but, as far as I remembered, never did. > > > The SOA belongs to dyndomain.mydomain.com not to > > > host.dyndomain.mydomain.com. > > > > > > After a while I remembered I had changed the order of > > > the nameserver entries in /etc/resolv.conf in the > > > GnuDIP host. > > > > > > Originally there was a BIND resolver (not the BIND > > > authoritative server) and I had put it below a DJB's > > > dnscache. > > > > > > After digging enough I noticed the following. > > > > > > With the BIND resolver I got the following: > > > > # dnsqr any host.dyndomain.mydomain.com > > > > 255 host.dyndomain.mydomain.com: > > > > 97 bytes, 1+0+1+0 records, response, authoritative, nxdomain > > > > query: 255 host.dyndomain.mydomain.com > > > > authority: dyndomain.mydomain.com 10 SOA > > > > ns1.dyndomain.mydomain.com hostmaster.dyndomain.mydomain.com > > > > 2002042214 10800 3600 360 10 > > > > > > And with DJB's dnscache: > > > > # dnsqr any host.dyndomain.mydomain.com > > > > 255 host.dyndomain.mydomain.com: > > > > 41 bytes, 1+0+0+0 records, response, authoritative, nxdomain > > > > query: 255 host.dyndomain.mydomain.com > > > > > > Note that BIND includes an authority section for > > > whoever has authority to that domain, whereas dnscache > > > does not. > > > > > > The point is, if you are using nsupdate, you CAN'T > > > resolve via dnscache. > > > > why do you conclude that? i can't seem to follow you... > > 192.168.1.2 is running dnscache > 192.168.1.99 is running bind 8.2.3 (cache only) > > /etc/resolv.conf has > nameserver 192.168.1.2 > nameserver 192.168.1.99 > > > # nsupdate -d -v > > > > > update delete baby.dyn.pertisp.com.ar. in a > > > > Reply from SOA query: > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49055 > > ;; flags: qr rd ra ; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, > > ADDITIONAL: 0 ;; QUESTION SECTION: > > ;baby.dyn.pertisp.com.ar. IN SOA > > > > > > response to SOA query didn't contain an SOA > > # > > nsupdate doesn't work and complains that a response to SOA query > didn't contain an SOA. > > Here's dnscache log: > 2002-04-22 16:54:53.404173500 query 28856 192.168.1.7:32834:49055 soa > baby.dyn.pertisp.com.ar. 2002-04-22 16:54:53.404179500 cached ns > pertisp.com.ar. ns1.pertisp.com.ar. 2002-04-22 16:54:53.404182500 > cached ns pertisp.com.ar. ns2.pertisp.com.ar. 2002-04-22 > 16:54:53.404184500 cached a ns1.pertisp.com.ar. > 2002-04-22 16:54:53.404186500 cached a ns2.pertisp.com.ar. > 2002-04-22 16:54:53.404188500 tx 0 soa baby.dyn.pertisp.com.ar. > pertisp.com.ar. 200.49.76.6 200.49.76.6 200.49.76.34 > 2002-04-22 16:54:53.406347500 nodata 200.49.76.6 10 6 > baby.dyn.pertisp.com.ar. > > If you look at what the query for "ANY" answers, you get: > > # dnsqr any baby.dyn.pertisp.com.ar > > 255 baby.dyn.pertisp.com.ar: > > 57 bytes, 1+1+0+0 records, response, noerror > > query: 255 baby.dyn.pertisp.com.ar > > answer: baby.dyn.pertisp.com.ar 5 A 1.2.3.4 > > Now I flip the order in /etc/resolv.conf: > nameserver 192.168.1.99 > nameserver 192.168.1.2 > > > # nsupdate -d -v > > > > > update delete baby.dyn.pertisp.com.ar. in a > > > > Reply from SOA query: > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24278 > > ;; flags: qr aa rd ra ; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, > > ADDITIONAL: 0 ;; QUESTION SECTION: > > ;baby.dyn.pertisp.com.ar. IN SOA > > > > ;; AUTHORITY SECTION: > > dyn.pertisp.com.ar. 10 IN SOA ns1.pertisp.com.ar. > > hostmaster.pert.com.ar. 2002042215 10800 3600 360 10 > > > > > > Found zone name: dyn.pertisp.com.ar > > The master is: ns1.pertisp.com.ar > > > > Reply from update query: > > ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 10966 > > ;; flags: qr ra ; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 > > > > > update add baby.dyn.pertisp.com.ar. 5 in a 1.2.3.4 > > > > Reply from SOA query: > > ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55227 > > ;; flags: qr aa rd ra ; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, > > ADDITIONAL: 0 ;; QUESTION SECTION: > > ;baby.dyn.pertisp.com.ar. IN SOA > > > > ;; AUTHORITY SECTION: > > dyn.pertisp.com.ar. 10 IN SOA ns1.pertisp.com.ar. > > hostmaster.pert.com.ar.
Re: [GnuDIP] nsupdate & djb's dnscache are not friends :-(
Please remember to reply to the mailing list, not the original sender: http://gnudip2.sourceforge.net/#mailinglist + I suppose it is possible that there may be interoperability issues between BIND components and djbdns components. I think the BIND people have tried very hard to be compatible with standards, and probably Dan Bernstein has too. But this would not be the first time that a standard was general enough to allow incompatible interpretations. I suppose this kind of issue might best be discussed on the BIND or djbdns mailing lists, although you are welcome to use this one if you like. I suspect there would be more BIND and djbdns expertise on those lists though. === I have not looked through your traces in detail. But I expect the problem must be occuring during the "first phase" of nsupdate's operation, when it is trying to determine what server to actually send the update message to (i.e. the master server for the zone, as specified in the SOA for the zone). I would think once it new what (BIND) server to send the actual update to it would probably be OK. If there is a real need for you to have a djbdns cache in between you and the BIND server for the dynamic domain, it might be possible to modify GnuDIP to insert a "server" directive to nsupdate. This directive is currently not used because it is not available in BIND 8. If your BIND version (well, nsupdate anyway)is 9, and you have sufficient facility with Perl, you could try inserting a "server" directive telling nsupdate the server to send the update to. This might make it work. Mariano Absatz wrote: > > Please remember to reply to the mailing list, not the original sender: > > http://gnudip2.sourceforge.net/#mailinglist > > + > > El 22 Apr 2002 a las 21:17, Thilo Bangert escribió: > > > > > On Monday, 22. April 2002 21:03, you wrote: > > > Hi, > > > > Hi > > > > > > > > I just installed GnuDIP 2.3.5 and was toying around and > > > adjusting things when it "suddenly" stopped working. I > > > couldn't update via web or via tcp... I checked and > > > noticed that in fact, I wasn't able to make a > > > successful nsupdate even via command line. > > > > > > I added "-d" to nsupdate and saw that the error message > > > said something about not getting a SOA record. > > > > > > A "host -t soa host.dyndomain.mydomain.com" didn't get > > > a SOA record but, as far as I remembered, never did. > > > The SOA belongs to dyndomain.mydomain.com not to > > > host.dyndomain.mydomain.com. > > > > > > After a while I remembered I had changed the order of > > > the nameserver entries in /etc/resolv.conf in the > > > GnuDIP host. > > > > > > Originally there was a BIND resolver (not the BIND > > > authoritative server) and I had put it below a DJB's > > > dnscache. > > > > > > After digging enough I noticed the following. > > > > > > With the BIND resolver I got the following: > > > > # dnsqr any host.dyndomain.mydomain.com > > > > 255 host.dyndomain.mydomain.com: > > > > 97 bytes, 1+0+1+0 records, response, authoritative, nxdomain > > > > query: 255 host.dyndomain.mydomain.com > > > > authority: dyndomain.mydomain.com 10 SOA ns1.dyndomain.mydomain.com > > > > hostmaster.dyndomain.mydomain.com 2002042214 10800 3600 360 10 > > > > > > And with DJB's dnscache: > > > > # dnsqr any host.dyndomain.mydomain.com > > > > 255 host.dyndomain.mydomain.com: > > > > 41 bytes, 1+0+0+0 records, response, authoritative, nxdomain > > > > query: 255 host.dyndomain.mydomain.com > > > > > > Note that BIND includes an authority section for > > > whoever has authority to that domain, whereas dnscache > > > does not. > > > > > > The point is, if you are using nsupdate, you CAN'T > > > resolve via dnscache. > > > > why do you conclude that? i can't seem to follow you... > > > 192.168.1.2 is running dnscache > 192.168.1.99 is running bind 8.2.3 (cache only) > > /etc/resolv.conf has > nameserver 192.168.1.2 > nameserver 192.168.1.99 > > > # nsupdate -d -v > > > update delete baby.dyn.pertisp.com.ar. in a > > > > > Reply from SOA query: > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49055 > > ;; flags: qr rd ra ; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 > > ;; QUESTION SECTION: > > ;baby.dyn.pertisp.com.ar. IN SOA > > > > > > response to SOA query didn't contain an SOA > > # > > nsupdate doesn't work and complains that a response to SOA query didn't contain an >SOA. > > Here's dnscache log: > 2002-04-22 16:54:53.404173500 query 28856 192.168.1.7:32834:49055 soa >baby.dyn.pertisp.com.ar. > 2002-04-22 16:54:53.404179500 cached ns pertisp.com.ar. ns1.pertisp.com.ar. > 2002-04-22 16:54:53.404182500 cached ns pertisp.com.ar. ns2.pertisp.com.ar. > 2002-04-22 16:54:53.404184500 cached a ns1.pertisp.com.ar. > 2002-04-22 16:54:53.404186500 cached a ns2.pertisp.com.ar. > 2002-04-22 16:54:53.404188500 tx 0 soa baby.dyn.pertisp.com.ar. pertisp.com.ar. >200.49.76.6 > 200.49.76.6 200.49.76.34 > 2002-04-22 16:54:53.406347500 n
Re: [GnuDIP] nsupdate & djb's dnscache are not friends :-(
Please remember to reply to the mailing list, not the original sender: http://gnudip2.sourceforge.net/#mailinglist + El 22 Apr 2002 a las 21:17, Thilo Bangert escribió: > > On Monday, 22. April 2002 21:03, you wrote: > > Hi, > > Hi > > > > > I just installed GnuDIP 2.3.5 and was toying around and > > adjusting things when it "suddenly" stopped working. I > > couldn't update via web or via tcp... I checked and > > noticed that in fact, I wasn't able to make a > > successful nsupdate even via command line. > > > > I added "-d" to nsupdate and saw that the error message > > said something about not getting a SOA record. > > > > A "host -t soa host.dyndomain.mydomain.com" didn't get > > a SOA record but, as far as I remembered, never did. > > The SOA belongs to dyndomain.mydomain.com not to > > host.dyndomain.mydomain.com. > > > > After a while I remembered I had changed the order of > > the nameserver entries in /etc/resolv.conf in the > > GnuDIP host. > > > > Originally there was a BIND resolver (not the BIND > > authoritative server) and I had put it below a DJB's > > dnscache. > > > > After digging enough I noticed the following. > > > > With the BIND resolver I got the following: > > > # dnsqr any host.dyndomain.mydomain.com > > > 255 host.dyndomain.mydomain.com: > > > 97 bytes, 1+0+1+0 records, response, authoritative, nxdomain > > > query: 255 host.dyndomain.mydomain.com > > > authority: dyndomain.mydomain.com 10 SOA ns1.dyndomain.mydomain.com > > > hostmaster.dyndomain.mydomain.com 2002042214 10800 3600 360 10 > > > > And with DJB's dnscache: > > > # dnsqr any host.dyndomain.mydomain.com > > > 255 host.dyndomain.mydomain.com: > > > 41 bytes, 1+0+0+0 records, response, authoritative, nxdomain > > > query: 255 host.dyndomain.mydomain.com > > > > Note that BIND includes an authority section for > > whoever has authority to that domain, whereas dnscache > > does not. > > > > The point is, if you are using nsupdate, you CAN'T > > resolve via dnscache. > > why do you conclude that? i can't seem to follow you... > 192.168.1.2 is running dnscache 192.168.1.99 is running bind 8.2.3 (cache only) /etc/resolv.conf has nameserver 192.168.1.2 nameserver 192.168.1.99 > # nsupdate -d -v > > update delete baby.dyn.pertisp.com.ar. in a > > > Reply from SOA query: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49055 > ;; flags: qr rd ra ; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 > ;; QUESTION SECTION: > ;baby.dyn.pertisp.com.ar. IN SOA > > > response to SOA query didn't contain an SOA > # nsupdate doesn't work and complains that a response to SOA query didn't contain an SOA. Here's dnscache log: 2002-04-22 16:54:53.404173500 query 28856 192.168.1.7:32834:49055 soa baby.dyn.pertisp.com.ar. 2002-04-22 16:54:53.404179500 cached ns pertisp.com.ar. ns1.pertisp.com.ar. 2002-04-22 16:54:53.404182500 cached ns pertisp.com.ar. ns2.pertisp.com.ar. 2002-04-22 16:54:53.404184500 cached a ns1.pertisp.com.ar. 2002-04-22 16:54:53.404186500 cached a ns2.pertisp.com.ar. 2002-04-22 16:54:53.404188500 tx 0 soa baby.dyn.pertisp.com.ar. pertisp.com.ar. 200.49.76.6 200.49.76.6 200.49.76.34 2002-04-22 16:54:53.406347500 nodata 200.49.76.6 10 6 baby.dyn.pertisp.com.ar. If you look at what the query for "ANY" answers, you get: > # dnsqr any baby.dyn.pertisp.com.ar > 255 baby.dyn.pertisp.com.ar: > 57 bytes, 1+1+0+0 records, response, noerror > query: 255 baby.dyn.pertisp.com.ar > answer: baby.dyn.pertisp.com.ar 5 A 1.2.3.4 Now I flip the order in /etc/resolv.conf: nameserver 192.168.1.99 nameserver 192.168.1.2 > # nsupdate -d -v > > update delete baby.dyn.pertisp.com.ar. in a > > > Reply from SOA query: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24278 > ;; flags: qr aa rd ra ; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 > ;; QUESTION SECTION: > ;baby.dyn.pertisp.com.ar. IN SOA > > ;; AUTHORITY SECTION: > dyn.pertisp.com.ar. 10 IN SOA ns1.pertisp.com.ar. >hostmaster.pert.com.ar. 2002042215 10800 3600 360 10 > > > Found zone name: dyn.pertisp.com.ar > The master is: ns1.pertisp.com.ar > > Reply from update query: > ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 10966 > ;; flags: qr ra ; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 > > > update add baby.dyn.pertisp.com.ar. 5 in a 1.2.3.4 > > > Reply from SOA query: > ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55227 > ;; flags: qr aa rd ra ; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 > ;; QUESTION SECTION: > ;baby.dyn.pertisp.com.ar. IN SOA > > ;; AUTHORITY SECTION: > dyn.pertisp.com.ar. 10 IN SOA ns1.pertisp.com.ar. >hostmaster.pert.com.ar. 2002042216 10800 3600 360 10 > > > Found zone name: dyn.pertisp.com.ar > The master is: ns1.pertisp.com.ar > > Reply from update query: > ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 49272 > ;; flags: qr ra ; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 > > > Destroy DST lib > Detach
Re: [GnuDIP] nsupdate & djb's dnscache are not friends :-(
Please remember to reply to the mailing list, not the original sender: http://gnudip2.sourceforge.net/#mailinglist + On Monday, 22. April 2002 21:03, you wrote: > Hi, Hi > > I just installed GnuDIP 2.3.5 and was toying around and > adjusting things when it "suddenly" stopped working. I > couldn't update via web or via tcp... I checked and > noticed that in fact, I wasn't able to make a > successful nsupdate even via command line. > > I added "-d" to nsupdate and saw that the error message > said something about not getting a SOA record. > > A "host -t soa host.dyndomain.mydomain.com" didn't get > a SOA record but, as far as I remembered, never did. > The SOA belongs to dyndomain.mydomain.com not to > host.dyndomain.mydomain.com. > > After a while I remembered I had changed the order of > the nameserver entries in /etc/resolv.conf in the > GnuDIP host. > > Originally there was a BIND resolver (not the BIND > authoritative server) and I had put it below a DJB's > dnscache. > > After digging enough I noticed the following. > > With the BIND resolver I got the following: > > # dnsqr any host.dyndomain.mydomain.com > > 255 host.dyndomain.mydomain.com: > > 97 bytes, 1+0+1+0 records, response, authoritative, nxdomain > > query: 255 host.dyndomain.mydomain.com > > authority: dyndomain.mydomain.com 10 SOA ns1.dyndomain.mydomain.com > > hostmaster.dyndomain.mydomain.com 2002042214 10800 3600 360 10 > > And with DJB's dnscache: > > # dnsqr any host.dyndomain.mydomain.com > > 255 host.dyndomain.mydomain.com: > > 41 bytes, 1+0+0+0 records, response, authoritative, nxdomain > > query: 255 host.dyndomain.mydomain.com > > Note that BIND includes an authority section for > whoever has authority to that domain, whereas dnscache > does not. > > The point is, if you are using nsupdate, you CAN'T > resolve via dnscache. why do you conclude that? i can't seem to follow you... -- regards Thilo -- GnuDIP Mailing List http://gnudip2.sourceforge.net/#mailinglist
