[108373] in North American Network Operators' Group
Re: About.com/NYTimes admins about?
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Wed Oct 1 09:55:43 2008
Date: Wed, 1 Oct 2008 09:55:27 -0400
From: "Christopher Morrow" <morrowc.lists@gmail.com>
To: "Brendan Cleary" <cleary@nytimes.com>
In-Reply-To: <48E29470.8060602@nytimes.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
On Tue, Sep 30, 2008 at 5:04 PM, Brendan Cleary <cleary@nytimes.com> wrote:
> I worked with Chris on this outside of the list. Replying here just to close
> the loop in case anyone else was interested.
>
> This situation is explained in this Case Study:
> http://support.citrix.com/article/CTX117947
>
> The key sentence being:
> "In NetScaler software release 7.0, when the DNS server looks up AAAA
> records, the response was "0" and errors "0". However, in NetScaler software
> release 8.0, with standard response "0", the NetScaler appliance sends the
> delegation records to root. "
>
> To summarize, if you don't have your NS records in place on the Netscalers,
> you will see a loop for AAAA queries (root>auth>netscaler>root....),
> eventually resulting in a SERVFAIL.
Thanks Brendan! Hopefully Citrix can improve their standard config for
this sort of deployment to make this a little simpler? I can't believe
NYTimes is the only user of Netscalers for this function.
-Chris
