Difficult to tell, but could it be that the zhaw.ch zonefile looks like this?
$ORIGIN NS ns1.zhaw.ch.
$ORIGIN NS ns2.zhaw.ch.
If yes, why not change that to
$ORIGIN NS ns1.zhwin.ch.
$ORIGIN NS ns2.zhwin.ch.
The NS records should match the NS entries in the zonefile - then you shouldn't run into problems.
Cheers, Viktor
Benoit Panizzon wrote:
Hi all
We observe a strange bind 8.3 behaviour with the domain zhaw.ch
According to SWITCH:
Name servers:
ns1.zhwin.ch [160.85.104.60]
ns2.zhwin.ch [160.85.104.61]
$ host -t ns zhaw.ch
zhaw.ch name server ns1.zhaw.ch.
zhaw.ch name server ns2.zhaw.ch.
(which have the same IP as the zhwin server above)
Well, what happens now is that right after restarting bind, it does not know the domain. So the first query goes to SWITCH and gets the zhwin DNS servers. With the IP addresses of the zhwin servers, bind does resolve hosts within the zhaw domain and learns about the NS published in that zone.
After a while, the entries in the zone expire, but strangely bind still knows the names of the zhaw.ch DNS but not their IP addresses.
So bind 8.3 does query SWITCH for the IP addresses of ns1.zhaw.ch and ns2.zhaw.ch. Of course SWITCH does not know. => bind complains that no nameservers are resolvable for that domain. Users cannot get through to the website and mailserver of zhaw.
This does not seem to happen with bind 9 DNS.
Is this a bug (or feature) in bind 8.3 or is this just a misconfiguration in the zhaw zonefile? I already contacted them and asked them to either change the NS registered @ switch or to put the same DNS as @ switch into the zonefile to fix that problem.
Benoit Panizzon
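Added example, not part of the original thread: a small offline check for the mismatch discussed above, comparing the NS set delegated by the parent with the NS set published in the zone and flagging in-zone name servers the parent has no address for. The data is constructed from the values quoted in the thread; the function and variable names are hypothetical.

```python
# Constructed sample data modelled on the thread; not live DNS output.
PARENT = {
    # NS set the parent (SWITCH) delegates zhaw.ch to
    "ns": {"ns1.zhwin.ch.", "ns2.zhwin.ch."},
    # Addresses the parent side can supply for name server names
    "addrs": {"ns1.zhwin.ch.": "160.85.104.60",
              "ns2.zhwin.ch.": "160.85.104.61"},
}
# NS RRset published at the apex of the zhaw.ch zone itself
CHILD_NS = {"ns1.zhaw.ch.", "ns2.zhaw.ch."}


def norm(name):
    """Lower-case a DNS name and make it fully qualified."""
    name = name.strip().lower()
    return name if name.endswith(".") else name + "."


def in_bailiwick(name, zone):
    """True if name is the zone apex or lies below it."""
    name, zone = norm(name), norm(zone)
    return name == zone or name.endswith("." + zone)


def check_delegation(zone, parent_ns, parent_addrs, child_ns):
    """Return (finding, name) pairs for NS mismatches between parent and zone."""
    parent_ns = {norm(n) for n in parent_ns}
    child_ns = {norm(n) for n in child_ns}
    known = {norm(n) for n in parent_addrs}
    findings = []
    for n in sorted(parent_ns - child_ns):
        findings.append(("only-at-parent", n))
    for n in sorted(child_ns - parent_ns):
        findings.append(("only-in-zone", n))
    # A name server named inside the zone it serves can only be located
    # with an address from the parent side. If the parent has none, a
    # resolver holding only the zone's own NS names cannot find the servers
    # again once the cached addresses have expired.
    for n in sorted(child_ns):
        if in_bailiwick(n, zone) and n not in known:
            findings.append(("in-zone-ns-without-glue", n))
    return findings


if __name__ == "__main__":
    for kind, name in check_delegation("zhaw.ch", PARENT["ns"],
                                       PARENT["addrs"], CHILD_NS):
        print(f"{kind:26} {name}")
```

An empty result means both sides publish the same NS set and no in-zone server lacks an address at the parent.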