[Unbound-users] Problems with dipmap.com
wouter at NLnetLabs.nl
Mon Sep 19 13:51:34 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
On 09/19/2011 03:43 PM, Attila Nagy wrote:
> On 09/19/11 15:34, W.C.A. Wijngaards wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>> On 09/19/2011 03:27 PM, Attila Nagy wrote:
>>> No, it's a nearly up to date trunk (I can give exact subversion revision).
>>> Here's the verbose log:
>>> Sep 19 15:16:40 cns01d unbound: [61501:2] info: validator operate: query
>>> tirparkolo.dipmap.com. A IN
>>> Only ns.dipmap.com is accessible, the others don't answer.
>> So it says:
>> Sep 19 15:16:40 cns01d unbound: [61501:2] debug: ADDR_LAME ip4
>> 188.8.131.52 port 53 (len 16)
>> So the only working one, ns.dipmap is LAME. That flag means that it
>> seems to not serve the zone at all. It serves upwards referral (like
>> BIND does) for the zones that it does not have. This was seen and
>> cached for dipmap.com for the .43 IP address. The host cache times out
>> in 15 minutes.
> Indeed, it looks very lame. My only problem is that the user says "it's
> working elsewhere".
> For example google&opendns serves it right.
I do not understand how they continue to query LAME servers. You are
not supposed to do so. BIND would not do so too. Is it that it only
gives lame answers to some queries or some queriers? If it would not
give Lame answers, then it would work with unbound (and the parent-child
disagreement would not be an issue).
Best regards, Wouter
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the Unbound-users