[sclug] DNS caching brokenness

Simon Heywood simon at triv.org.uk
Sat Jan 28 19:10:46 UTC 2006 

On Sat, 28 Jan 2006 10:53:56 +0000, Simon Huggins wrote:
> On Tue, Jan 24, 2006 at 06:59:19PM +0000, Simon Heywood wrote:
> > I've been trying to diagnose a problem with one of the DNS resolvers run
> > by my ADSL provider, Zen Internet. Six days ago I redelegated one of my
> > domains (triv.org.uk) to a new set of authoritative name servers, but
> > the resolver in question still hands out the old records:
> 
> I can't explain this.  If I check DNS and Bind then it does indeed say,
> as you'd expect, you can only cache records according to their TTL.  You
> didn't break the zone that ns0.triv.org.uk returned to have the wrong NS
> records for a while did you?

No, ns0.triv.org.uk has always had the new NS records. AFAIK the only
thing I changed since that zone file was set up was the 'lists' CNAME.
The TTLs have always been set to twenty-four hours as well.

> Do you know what they run as their recursive DNS servers?  Maybe they
> have some aggressive caching parameters set to break TTLs.  I believe
> NTL do weird DNS things (or possibly it's their webcache I haven't
> looked personally, just seen reports).

----------
$ host -c chaos -t txt version.bind. 212.23.3.100
Using domain server:
Name: 212.23.3.100
Address: 212.23.3.100#53
Aliases:

version.bind text "4.9.4"
$ host -c chaos -t txt version.bind. 212.23.6.100
Using domain server:
Name: 212.23.6.100
Address: 212.23.6.100#53
Aliases:

version.bind text "4.9.4"
----------

BTW, they eventually picked up the redelegation (suspiciously soon after
I caused the serial number on the old zone to be changed). Although
there's still something odd going on:

----------
$ host -t ns triv.org.uk. 212.23.3.100
Using domain server:
Name: 212.23.3.100
Address: 212.23.3.100#53
Aliases:

triv.org.uk name server ns1.blackcatnetworks.co.uk.
triv.org.uk name server ns0.triv.org.uk.
$ host -t ns triv.org.uk. 212.23.6.100
Using domain server:
Name: 212.23.6.100
Address: 212.23.6.100#53
Aliases:

triv.org.uk name server ns1.blackcatnetworks.co.uk.
triv.org.uk name server ns0.triv.org.uk.
triv.org.uk name server ns0.blackcatnetworks.co.uk.
----------

> Oh hrm, you have TCP port 53 closed.  Is that deliberate?

It's a 'feature' of MaraDNS, or rather of the version in Debian/Sarge,
and is something to do with having separate programs for serving up
authoritative records and doing zone transfers. I'm not entirely happy
about that, but my DNS answers shouldn't be long enough to cause a
problem, and otherwise MaraDNS seems to be a reasonable choice for
running an authoritative DNS server.

S.

More information about the Sclug mailing list