[dns-operations] *.de kicked out of service due to NXDOMAIN
Florian Weimer
fweimer at bfk.de
Fri Nov 13 14:34:53 UTC 2009
* Lutz Donnerhacke:
> Since about an hour the DENIC servers respond NXDOMAIN (instead of NONAME)
> for nonexisting record of existing labels.
Ouch, good catch. Note that the impact really depends heavily on the
resolver. Unbound caches the NXDOMAIN per QTYPE. With BIND 9, you
can force the entries out of the externally visible cache, but they
seem remain in the RTT cache. This smells like a bug, but it means
that you probably can't force .DE from a BIND resolver using a shell
one-liner.
--
Florian Weimer <fweimer at bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
More information about the dns-operations
mailing list