Re: RIPE DNS Hostcount February 1993
Marten wrote:
Folks,
A bit later than usual, but here is the February RIPE DNS hostcount.
- CH, DK, IL and YU all went down, with CH going down almost 3000 hosts. As far as I could see from the error output, this is due to connectivity issues and badly configured nameservers ...
according to the ch.error file the reason for the lost 3000 host in CH is:
>> No nameservers for epfl.CH responded
When looking into this error file I also see a lot of entries like: !!! extraneous glue record for scsnms.switch.ch within dial-switch.CH But I can't find the corresponding glue records at all, at least in the hostfiles I am responsible for. In fact I recently gave the same advice (to remove unnecessary glue records) to a customer of SWITCH, we are running a secondary DNS server for. In the transfered zone file there were entries like: $ORIGIN ch. isburg IN NS scsnms.switch.ch. ; Ignoring info about scsnms.switch.ch, not in zone isburg.ch. ; $ORIGIN switch.ch. ; scsnms 512565 IN A 130.59.1.30 But I had to learn, that these entries are NOT caused by unnecessary glue records, they are just generated for what ever reasons by BIND. So are the glue records, the RIPE DNS job detects, also not real? I guess so. Willi Huber
Willi Huber <huber@chx400.switch.ch> writes: * Marten wrote: * * according to the ch.error file the reason for the lost 3000 host in CH is: * * >>>>>>>> No nameservers for epfl.CH responded * * * When looking into this error file I also see a lot of entries like: * * !!! extraneous glue record for scsnms.switch.ch within dial-switch.CH * * But I can't find the corresponding glue records at all, at least in the * hostfiles I am responsible for. In fact I recently gave the same advice * (to remove unnecessary glue records) to a customer of SWITCH, we are * running a secondary DNS server for. In the transfered zone file there were * entries like: * * $ORIGIN ch. * isburg IN NS scsnms.switch.ch. * ; Ignoring info about scsnms.switch.ch, not in zone isburg.ch. * ; $ORIGIN switch.ch. * ; scsnms 512565 IN A 130.59.1.30 * * But I had to learn, that these entries are NOT caused by unnecessary * glue records, they are just generated for what ever reasons by BIND. * So are the glue records, the RIPE DNS job detects, also not real? I * guess so. When I do a zone transfer for dial-switch.ch I get back something that starts with: dial-switch.ch 86400 IN SOA nova.dial-switch.ch ch-zone-contact.switch.ch ( 37 ;serial (version) 28800 ;refresh period 7200 ;retry refresh time 604800 ;expiration period 86400 ;default ttl ) dial-switch.ch 86400 IN NS nova.dial-switch.ch nova.dial-switch.ch 86400 IN A 192.86.166.254 dial-switch.ch 86400 IN NS scsnms.switch.ch scsnms.switch.ch 514618 IN A 130.59.1.30 !!! extraneous glue record for scsnms.switch.ch within dial-switch.ch You see that the A record for scsnms.switch.ch should not be returned in this zone. A zone transfer should ONLY return data for that zone. This is a BIND bug. If however I do the same for nikhef.nl : nikhef.nl 86400 IN SOA nikhefh.nikhef.nl hostmaster.nikhef.nl ( 930208 ;serial (version) 14400 ;refresh period 3600 ;retry refresh time 604800 ;expiration period 86400 ;default ttl ) nikhef.nl 86400 IN NS nikhefh.nikhef.nl nikhefh.nikhef.nl 86400 IN A 192.16.199.1 nikhef.nl 86400 IN NS nikhapo.nikhef.nl nikhapo.nikhef.nl 86400 IN A 192.16.199.4 nikhapo.nikhef.nl 86400 IN A 192.16.186.42 nikhef.nl 86400 IN NS sering.cwi.nl nikhef.nl 86400 IN MX 10 nikhefh.nikhef.nl nikhef.nl 86400 IN MX 20 nikhapo.nikhef.nl nikhef.nl 86400 IN MX 30 sun4nl.nluug.nl There could have been records for sun4nl.nluug.nl and sering.cwi.nl but there are not, because nikhef.nl is using a patched BIND, which will not return these records. They are not necessarily glue records, but there is no means to see the difference. Point is that they should not be in the zone output. I'd suggest you patch your BIND for this. -Marten
participants (2)
-
Marten Terpstra -
Willi Huber