How to trace cache information?
Barry Margolin
barmar at bbnplanet.com
Tue Jun 1 19:02:14 UTC 1999
In article <7iut7o$cdb$1 at news.IAEhv.nl>,
Edwin de Graaf <graaf at surf.iae.nl> wrote:
>We are seeing a problem when looking up information for the domain
>capacity.nl. Occasionally Named will return a NXDOMAIN for this domain,
>most of the time it works. The NXDOMAIN is cached for a while then. A
>database dump shows the following for capacity.nl when the lookup fails:
....
>I guess the NXDOMAIN result should have come from a server that is
>authoritive for the nl. zone. I have checked with dig, and all servers
>that are reported with "dig nl nx" have the correct information for
>capacity.nl. How can I find out where the NXDOMAIN result came from (which
>nameserver)? I have tried using debugging (kill -USR1 three times), but I
>was unable to deduce much from the named.run file. Some help here would be
>much appreciated.
No, the NXDOMAIN is coming from mail.capacity.nl:
% dig capacity.nl a @mail.capacity.nl
; <<>> DiG 2.2 <<>> capacity.nl a @mail.capacity.nl
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10
;; flags: qr aa rd ra; Ques: 1, Ans: 0, Auth: 0, Addit: 0
;; QUESTIONS:
;; capacity.nl, type = A, class = IN
;; Total query time: 141 msec
;; FROM: tools to SERVER: mail.capacity.nl 195.86.70.194
;; WHEN: Tue Jun 1 14:56:24 1999
;; MSG SIZE sent: 29 rcvd: 29
However, an ANY query returns the records:
% dig capacity.nl any @mail.capacity.nl
; <<>> DiG 2.2 <<>> capacity.nl any @mail.capacity.nl
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
;; flags: qr aa rd ra; Ques: 1, Ans: 6, Auth: 3, Addit: 7
;; QUESTIONS:
;; capacity.nl, type = ANY, class = IN
;; ANSWERS:
capacity.nl. 86400 NS mail.capacity.nl.
capacity.nl. 86400 NS ns.wirehub.net.
capacity.nl. 86400 NS ns2.wirehub.net.
capacity.nl. 86400 SOA mail.capacity.nl. postmaster.capacity.nl. (
1999050619 ; serial
28800 ; refresh (8 hours)
7200 ; retry (2 hours)
604800 ; expire (7 days)
86400 ) ; minimum (1 day)
capacity.nl. 86400 MX 110 mx.wirehub.net.
capacity.nl. 86400 MX 100 mail.capacity.nl.
;; AUTHORITY RECORDS:
Capacity.nl. 86400 NS ns2.wirehub.net.
Capacity.nl. 86400 NS ns.wirehub.net.
Capacity.nl. 86400 NS mail.capacity.nl.
;; ADDITIONAL RECORDS:
mail.capacity.nl. 86400 A 195.86.70.194
ns.wirehub.net. 86400 A 194.165.94.1
ns2.wirehub.net. 86400 A 194.165.94.5
mail.capacity.nl. 86400 A 195.86.70.194
ns2.wirehub.net. 927884062 A 194.165.94.5
ns.wirehub.net. 927884062 A 194.165.94.1
mail.capacity.nl. 86400 A 195.86.70.194
;; Total query time: 186 msec
;; FROM: tools to SERVER: mail.capacity.nl 195.86.70.194
;; WHEN: Tue Jun 1 14:56:30 1999
;; MSG SIZE sent: 29 rcvd: 341
>We are using Bind version 8.1 on FreeBSD 3.1-STABLE.
When I query mail.capacity.nl for the VERSION.BIND record, it doesn't
recognize it. Are you sure this machine is running BIND 8.1? It looks to
me like it's running a broken server that returns an NXDOMAIN error when
the name exists but there are no records for the specific type that was
requested. That's a violation of the protocol -- it should return a
NOERROR status with an empty Answer section.
--
Barry Margolin, barmar at bbnplanet.com
GTE Internetworking, Powered by BBN, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
More information about the bind-users
mailing list