[dns-operations] anybody from Double Click DNS reading this?
bert hubert
bert.hubert at netherlabs.nl
Wed Feb 11 09:54:40 UTC 2009
On Wed, Feb 11, 2009 at 08:49:00PM +1100, Mark Andrews wrote:
> > This turns out to be an issue in BIND 9.2.2. Compare:
>
> Looks like a load balancer in front of BIND 9.2.2 that was
> not configured to know about the A record at ad.3fr.doubleclick.net
> and the query fell through to it. If you add +dnssec to the
> initial query you will get a udp size of 2048 returned.
Ah - the conclusion that it was BIND 9.2.2 related came from the fact that
we also observed the behaviour for:
$ dig +nsid @216.73.87.151 us.ebayobjects.com.
$ dig @216.73.87.151 us.ebayobjects.com.
Which also claims to be BIND 9.2.2. Perhaps 'n=2' statistics are not good
enough :-)
It would be very good if the problem were restricted to load balancers and
not involve BIND. Thanks for your input.
Bert
--
http://www.PowerDNS.com Open source, database driven DNS Software
http://netherlabs.nl Open and Closed source services
More information about the dns-operations
mailing list