[dns-operations] anybody from Double Click DNS reading this?

bert hubert bert.hubert at netherlabs.nl
Wed Feb 11 09:54:40 UTC 2009

On Wed, Feb 11, 2009 at 08:49:00PM +1100, Mark Andrews wrote:
> > This turns out to be an issue in BIND 9.2.2. Compare:
> 	Looks like a load balancer in front of BIND 9.2.2 that was
> 	not configured to know about the A record at ad.3fr.doubleclick.net
> 	and the query fell through to it.  If you add +dnssec to the
> 	initial query you will get a udp size of 2048 returned.

Ah - the conclusion that it was BIND 9.2.2 related came from the fact that
we also observed the behaviour for:

$ dig +nsid @ us.ebayobjects.com.
$ dig @ us.ebayobjects.com.

Which also claims to be BIND 9.2.2. Perhaps 'n=2' statistics are not good
enough :-)

It would be very good if the problem were restricted to load balancers and
not involve BIND. Thanks for your input.


http://www.PowerDNS.com      Open source, database driven DNS Software 
http://netherlabs.nl              Open and Closed source services

More information about the dns-operations mailing list