named quits resolving certain domains

Barry Margolin barmar at genuity.net
Wed Jan 24 16:35:47 UTC 2001 

In article <94mvbp$r4t at pub3.rc.vix.com>, mike miller  <mikem at ndtel.com> wrote:
>;; res_nmkquery(QUERY, triton.net, IN, A)
>------------
>Got answer:
>    HEADER:
>        opcode = QUERY, id = 41604, rcode = SERVFAIL
>        header flags:  response, want recursion, recursion avail.
>        questions = 1,  answers = 0,  authority records = 0,  additional
>= 0
>
>    QUESTIONS:
>        triton.net, type = A, class = IN
>
>------------
>;; res_nmkquery(QUERY, triton.net.stellarnet.com, IN, A)
>------------
>Got answer:
>    HEADER:
>        opcode = QUERY, id = 41605, rcode = NXDOMAIN
>        header flags:  response, auth. answer, want recursion, recursion
>avail.
>        questions = 1,  answers = 0,  authority records = 1,  additional
>= 0
>
>    QUESTIONS:
>        triton.net.stellarnet.com, type = A, class = IN
>    AUTHORITY RECORDS:
>    ->  stellarnet.com
>        ttl = 86400 (1D)
>        origin = ns.stellarnet.com
>        mail addr = hostmaster.stellarnet.com
>        serial = 199902043
>        refresh = 10800 (3H)
>        retry   = 3600 (1H)
>        expire  = 604800 (1W)
>        minimum ttl = 86400 (1D)
>
>------------
>*** ns1.stellarnet.com can't find triton.net: Non-existent host/domain
>
>Why does it say triton.net.stellarnet.com when its only triton.net.  I

It first tried just triton.net and get a SERVFAIL error code.  When it
can't find a name as given, it then tries looking it up with the default
domain appended.

>then did a dig on triton.net and it produced the following:
>[root at ns1 named]# dig triton.net
>
>; <<>> DiG 8.2 <<>> triton.net 
>;; res options: init recurs defnam dnsrch
>;; got answer:
>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
>;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
>;; QUERY SECTION:
>;;      triton.net, type = A, class = IN
>
>;; ANSWER SECTION:
>triton.net.             13h10m45s IN A  209.172.0.5
>
>;; AUTHORITY SECTION:
>triton.net.             1d20h57m7s IN NS  NS2.triton.net.
>triton.net.             1d20h57m7s IN NS  NS1.triton.net.
>
>;; ADDITIONAL SECTION:
>NS2.triton.net.         1d20h57m7s IN A  209.172.0.8
>NS1.triton.net.         1d20h57m7s IN A  209.172.0.5
>
>;; Total query time: 1 msec
>;; FROM: ns1.stellarnet.com to SERVER: default -- 205.198.5.2
>;; WHEN: Wed Jan 24 10:15:31 2001
>;; MSG SIZE  sent: 28  rcvd: 112
>
>Then I did another nslookup and it worked???
>very confusing??

It looks like the problem is that ns2.triton.net is misconfigured, as it is
not authoritative for the triton.net domain.  So if your local server
happens to ask ns1, it will get an answer, but if it asks ns2 it may or may
not get an answer, depending on whether ns2 happens to have the answer
cached.  If the answer isn't cached it will return a SERVFAIL error code,
and your local server will return that to you.

-- 
Barry Margolin, barmar at genuity.net
Genuity, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.

More information about the bind-users mailing list