lame servers
Sam Trenholme
strenholme.usenet at gmail.com
Mon Jan 5 09:43:19 EST 2009
>> Digging around on a particular offender (MX lookup for
>> wjh.harvard.edu) I found that there is a lame server entry
>> which causes MaraDNS to respond with a SERVFAIL to the user.
Thank you for the bug report and the fix.
Let me spell out the issue so I can come up with some good SOA test
cases to reproduce this bug and make sure your patch fixes it/
Let's suppose we have sub.example.com, and the root servers say this
for the nameservers for example.com:
example.com. NS ns1.example.net.
example.com. NS ns2.example.net.
ns1.example.net. A 192.168.1.1
ns2.example.net. A 192.168.1.2
When we query 192.168.1.1 or 192.168.1.2 for sub.example.com, we get this:
sub.example.com. NS ns1.example.net.
sub.example.com. NS ns2.example.net.
sub.example.com. NS ns.sub.example.com.
ns1.example.net. A 192.168.1.1
ns2.example.net. A 192.168.1.2
ns.sub.example.com. A 192.168.1.3
And ns.sub.example.com (192.168.1.3) gives us the correct answer.
Now, your patch looks good, but I think I will have to add some tests
so getting this from 192.168.1.1 or 192.168.1.2 for sub.example.com
doesn't put us in an infinite loop--did anyone else read the article
detailing exactly why some Zunes crashed December 31st? It was caused
by an unintentional infinite loop.
sub.example.com. NS ns1.example.net.
sub.example.com. NS ns2.example.net.
ns1.example.net. A 192.168.1.1
ns2.example.net. A 192.168.1.2
- Sam
Note: If you send me a MaraDNS-related support question, I reserve the
right to post your support email to the Mara-DNS mailing list so that
the community at large can examine your issue. MaraDNS security
vulnerability reports, however, will be kept confidential.
More information about the list
mailing list