[nsd-users] nsd, zonec and out of zone data

Paul Wouters paul at xelerance.com
Mon Jun 8 22:22:04 UTC 2009

On Tue, 9 Jun 2009, Ondřej Surý wrote:

> what does named-checkzone (and named-compilezone) say to you? My does:

2009042902.zone:2840621: ignoring out-of-zone data (ns-ext.isc.org)

> ondrej at pagan:/tmp$ named-checkzone sury.cz sury.cz
> sury.cz:15: ignoring out-of-zone data (ns-ext.isc.org)
> sury.cz:16: ignoring out-of-zone data (ns-ext.isc.org)
> zone sury.cz/IN: loaded serial 1

So is that zone served by any nsd daemon? My version of nsd (3.2.2)
will not compile such zone into nsd.db.

I guess when using bind as the hidden primary, it will drop
the "out of zone" data, so any subsequent nsd *XFR's do not see
this record and thus have no problem. At least that is the only
explanation I can come up with. Try loading sury.cz into nsd
before bind has ignored the out-of-zone data....

Since I don't see the A record appearing in any of the answers,
I guess I should really just make the zone owner remove this bogus


More information about the nsd-users mailing list