[TriLUG] Slides from last night's DNS Presentation
Aaron S. Joyner
aaron at joyner.ws
Fri Oct 15 11:08:44 EDT 2004
Matt Pusateri wrote:
>First let me thank you for an excellent presentation (on short notice
>too, and hecklers aside). Maybe in the future we will get luck enough
>to do a advance DNS, where we have more time to explore TSIG and
Since there was certainly more material than I could cover in 2 hours,
with everyone keeping up to speed, there was some talk of having a DNS
class, where we could cover those more advanced topics in detail. It's
being considered for November's class, the Saturday after the November
meeting. More to follow on that, if it comes to fruition.
>I have a follow up, due to us running out of time.
>It might be worth explaining what lame servers are as those new to DNS
>will most likely see them in their DNS logs and might wonder what they
A lame server, comes from a lame delegation. It's not (usually) the
fault of the server being blamed, but of the zone that points to it.
Consider this scenario:
- You run the zone, example.com
- You configure your zone file to have 3 NS records, ns1.example.com,
ns2.example.com, and ns3.example.com
- You point these 3 NS records at 3 different servers, 18.104.22.168, 22.214.171.124,
- You configure 126.96.36.199 and 188.8.131.52, but forget to configure 184.108.40.206
At this point, 220.127.116.11 is a "lame server", because if you ask it for
example.com, it will give a non-authoritative response, if any. The
more common scenario (and this is a real example from TriLUG's recent
history), is where that "lame server" *USED* to be a valid DNS server,
but has since been reformatted or reworked, and is no longer
configured. We had old NS records left over from when certain
individuals used to be backup slave servers for the trilug.org domain.
This caused some confusion, and if you search you can probably find a
history of it on the list.
Sorry for being slow in the response. :)
Aaron S. Joyner
More information about the TriLUG