[Unbound-users] unbound and newegg.com
Geoffrey Sisson
geoff at panix.com
Wed Jun 25 19:10:43 UTC 2008
Olafur Gudmundsson <ogud at ogud.com> writes:
> This server does not even have the SOA or NS that are required to exist
> at the top of a zone it only answers query for A correctly.
>
> IMHO it is wrong to a fix in resolver for such badly behaving
> load balancer.
>
> Please do not do it, tell people to report the error to the site
> and instruct them to report the equipment they has a broken DNS
> server.
I agree that the server behaviour should be corrected. The question
is: how many name servers out there exhibit this error? If only
the servers for www.newegg.com and www.usps.com are broken, then
I agree that putting this work-around in the resolver is unnecessary
and perhaps even harmful. If they are just the tip of an iceberg,
then the work-around is needed. Otherwise sites that try to deploy
Unbound will find themselves dealing with user complaints for which
the convenient solution will be to revert to BIND.
I don't know how often this misconfiguration occurs. It would be
interesting to obtain the logs from a high-traffic resolver that
hasn't blackholed lame server logging. One clue, though: PowerDNS
Recursor appears to have the same work-around as BIND:
http://www.panix.com/~geoff/pdns.out
Geoff
More information about the Unbound-users
mailing list