From owner-freebsd-questions@FreeBSD.ORG Fri Nov 5 05:32:19 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A66311065674 for ; Fri, 5 Nov 2010 05:32:19 +0000 (UTC) (envelope-from jon@radel.com) Received: from wave.radel.com (wave.radel.com [216.143.151.4]) by mx1.freebsd.org (Postfix) with ESMTP id 32A338FC28 for ; Fri, 5 Nov 2010 05:32:18 +0000 (UTC) Received: by wave.radel.com (CommuniGate Pro PIPE 4.1.6) with PIPE id 9903362; Fri, 05 Nov 2010 01:32:18 -0400 Received: from [192.168.43.221] (account jon@radel.com HELO braeburn.local) by wave.radel.com (CommuniGate Pro SMTP 4.1.6) with ESMTP-TLS id 9903360; Fri, 05 Nov 2010 01:32:12 -0400 Message-ID: <4CD396DB.5000204@radel.com> Date: Fri, 05 Nov 2010 01:32:11 -0400 From: Jon Radel User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10.5; en-US; rv:1.9.2.11) Gecko/20101013 Thunderbird/3.1.5 MIME-Version: 1.0 To: kline References: <201011040210.oA42A7rb008179@mail.r-bonomi.com> <20101104055900.GA4796@thought.org> <4CD269F8.3040105@bah.homeip.net> <1288930975.2625.35.camel@newtao.thought.org> In-Reply-To: <1288930975.2625.35.camel@newtao.thought.org> Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary="------------ms080506090704050902040306" X-Radel.com-MailScanner-Information: Please contact Jon for more information X-Radel.com-MailScanner: Found to be clean X-Mailer: CommuniGate Pro CLI mailer X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-questions@freebsd.org Subject: Re: ATTN GARY KLINE X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Nov 2010 05:32:19 -0000 This is a cryptographically signed message in MIME format. --------------ms080506090704050902040306 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable On 11/5/10 12:22 AM, kline wrote: > > i''m using evo to be able to click on. i have fewer ``Fail'' type > responses, but do not understand the failure messages. Also, since it > has been 9.5 years since I read DNS AND BIND, the jargon is lost. Wha= t > does "glue" means? and how should I resolve? > > It is time to get this stuff arrow-straight, so hoping that someone > on-list can clue me in. > > > tx, > > > gary > > http://www.dnscog.com/report/thought.org/1288928790 If your parents, the nameservers authoritative for .org, tell the world=20 that one of the nameservers for thought.org is ns1.thought.org, they=20 also have to tell the world what the IP address for ns1.thought.org is=20 using an A record. That A record is glue. Otherwise you get a machine=20 conversation something like: Resolving nameserver trying to find a record in the thought.org zone=20 (RN): Please Mr. root server, I'd like to know about www.thought.org....= Root: See the .org folks over there.... RN: Please Mr. top-level dude, about that www.thought.org.... Org: Well, see ns1.thought.org.... RN: Ahem, I'm trying to find out basic stuff about thought.org and I=20 don't know the address for ns1.thought.org in order to ask it Org: Well, ask ns1.thought.org what the address for ns1.thought.org is..= =2E RN: But, but, but....followed by petulant stomping off Glue A records fix that problem. BTW, the fact that a glue record isn't returned for ns2.everydns.net in=20 response to a query about NS records for thought.org really isn't a=20 problem; note the "info" rather than "fail" from DNSCog. Biggest problem I still see is that ns2.everydns.net refuses to respond=20 to queries about thought.org. You sure your account there is still=20 active and functional and that you're allowing zone transfers to them? =20 I note that you don't allow transfers from arbitrary addresses, and=20 http://www.everydns.com/faq/secondary-domain/example-setup does warn=20 that the source address for transfer requests was/will/did change. Some of the problems reported by DNSCog appear to be bogus. They've got = some bugs related to cases where a nameserver has a name in the domain=20 in question. (And also some bugs related to nameservers which are=20 reachable by both ipv4 and ipv6, but that doesn't apply to you.) --=20 --Jon Radel jon@radel.com --------------ms080506090704050902040306--