[nsd-users] nsd, zonec and out of zone data
Ondřej Surý
ondrej at sury.org
Mon Jun 8 22:32:12 UTC 2009
On Tue, Jun 9, 2009 at 00:22, Paul Wouters<paul at xelerance.com> wrote:
> On Tue, 9 Jun 2009, Ondřej Surý wrote:
>
>> what does named-checkzone (and named-compilezone) say to you? My does:
>
> 2009042902.zone:2840621: ignoring out-of-zone data (ns-ext.isc.org)
And this is your answer what bind does...
>> ondrej at pagan:/tmp$ named-checkzone sury.cz sury.cz
>> sury.cz:15: ignoring out-of-zone data (ns-ext.isc.org)
>> sury.cz:16: ignoring out-of-zone data (ns-ext.isc.org)
>> zone sury.cz/IN: loaded serial 1
>
> So is that zone served by any nsd daemon? My version of nsd (3.2.2)
> will not compile such zone into nsd.db.
Nope, I just made it for purpose of testing.
> I guess when using bind as the hidden primary, it will drop
> the "out of zone" data, so any subsequent nsd *XFR's do not see
> this record and thus have no problem. At least that is the only
> explanation I can come up with. Try loading sury.cz into nsd
> before bind has ignored the out-of-zone data....
Yep.
> Since I don't see the A record appearing in any of the answers,
> I guess I should really just make the zone owner remove this bogus
> entry.
Yep, this is out of the bailiwick data and should not be there.
Ondrej.
--
Ondřej Surý <ondrej at sury.org>
http://blog.rfc1925.org/
More information about the nsd-users
mailing list