Hey Guys,
I found an interesting problem with version 1.4.2 which I pulled from
SVN on Friday. The problem is related to the handling of parent-child
disagreement domains.
When trying to perform a looking for www.hkolympic.org. The parent
responds with:
[1263926394] unbound[10255:0] info: reply from <com.> 192.33.14.30#53
[1263926394] unbound[10255:0] info: incoming scrubbed packet: ;;
->>HEADER<<- op code: QUERY, rcode: NOERROR, id: 0
;; flags: qr ; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
;; QUESTION SECTION:
;; ns1.apptailor.com. IN A
;; ANSWER SECTION:
ns1.apptailor.com. 172800 IN A 202.181.169.75
;; AUTHORITY SECTION:
apptailor.com. 172800 IN NS ns1.apptailor.com.
apptailor.com. 172800 IN NS ns2.apptailor.com.
;; ADDITIONAL SECTION:
ns2.apptailor.com. 172800 IN A 202.181.167.233
;; Query time: 0 msec
;; WHEN: Wed Dec 31 19:00:00 1969
;; MSG SIZE rcvd: 99
But then ns1.apptailor.com responds with:
[1263926394] unbound[10255:0] info: response for <ns1.apptailor.com. A IN>
[1263926394] unbound[10255:0] info: reply from <apptailor.com.>
202.181.167.233# 53
[1263926394] unbound[10255:0] info: incoming scrubbed packet: ;;
->>HEADER<<- op code: QUERY, rcode: NOERROR, id: 0
;; flags: qr ; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;; ns1.apptailor.com. IN A
;; ANSWER SECTION:
;; AUTHORITY SECTION:
ns1.apptailor.com. 14400 IN NS 202.181.169.75.apptailor.com.
;; ADDITIONAL SECTION:
;; Query time: 0 msec
;; WHEN: Wed Dec 31 19:00:00 1969
;; MSG SIZE rcvd: 64
And then finally:
[1263926394] unbound[10255:0] info: response for
<202.181.169.75.apptailor.com. A IN>
[1263926394] unbound[10255:0] info: reply from <apptailor.com.>
202.181.169.75#5 3
[1263926394] unbound[10255:0] info: incoming scrubbed packet: ;;
->>HEADER<<- op code: QUERY, rcode: NXDOMAIN, id: 0
;; flags: qr aa ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;; 202.181.169.75.apptailor.com. IN A
;; ANSWER SECTION:
;; AUTHORITY SECTION:
apptailor.com. 14400 IN SOA ns1.apptailor.com.
root.apptailor.com. 2 009111400 14400 3600 1209600 86400
;; ADDITIONAL SECTION:
;; Query time: 0 msec
;; WHEN: Wed Dec 31 19:00:00 1969
;; MSG SIZE rcvd: 91
This ultimately results in a SERVFAIL for www.hkolympic.org. However,
subsequent queries for www.hkolympic.org work because of the existing
cache for ns1.apptailor.com and ns1.apptailor.com from the parent. I
imagine that the desired effect of the change introduced in 1.4.1
would be for the initial query to resolve as well?
Thanks,
Mike