Guest

Cisco Network Registrar

Field Notice: Major DNS Problem in Cisco Network Registrar Version 5.5


March 1, 2002



Products Affected

  • CNR-UPG-STD-BASE

  • CNR-STD-BASE

Problem Description

The newly released Cisco Network Registrar (NR)Version 5.5 product release has been diagnosed with a major DNS problem, which may result in customer service outages and performance degradation

Background

If a Cisco NR Version 5.5 server is running in non-slave mode, with or without forwarders, cached non-authoritive A type records corresponding to other name servers are very likely to have their data corrupted. Customers have seen this with the IP addresses of A type records assuming a value of 0.152.150.128 or 128.150.152.0 (depending on use of Solaris or Microsoft Windows NT/2000). Initially these records are cached correctly. When the server needs to adjust the Round Trip Time (RTT) due to subsequent query responses, the server is likely to corrupt the A type resource record data

Problem Symptoms

The most noticeable symptom is the slowness, and ultimately the failure, to resolve the non-authoritative name, such as names on the internet.

Workaround/Solution

If the server installation does not utilize resolution exceptions, the workaround is to place the server in slave-mode and configure one or more non-Cisco NR Version 5.5 forwarders.

If the server installation does require resolution exceptions or if slave mode is not appropriate, the workaround is to reinstall Cisco NR Version 5.0.11 and restore a backup database until a fix for Cisco NR Version 5.5 is issued by Cisco.

For More Information

If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods: