CACHE Question

Brad Knowles brad.knowles at skynet.be
Mon Oct 8 17:51:18 UTC 2001 

At 11:12 AM -0500 10/8/01, Kris McElroy wrote:

>  We are running 9.1.1 on Red Hat Linux 7.1

	You need to upgrade.  No one should be using BIND 9.1.1 anymore. 
If you're going to use BIND 9, you should be running the latest 
-RELEASE version, at the very least.  At the moment, that would mean 
running 9.1.3-REL or 9.2.0rc5.

>                                             We use bind as our
>  caching server and have for some time.  We have never had any
>  problems with it.

	Great!

>                     A customer calls me and says he can't get to
>  a particular website.  I try to ping it and it comes back unknown
>  host.  I get on an NT workstation and ping it, nslookup, and still
>  no luck.

	Try using better DNS debugging tools.  Instead of "nslookup", use "dig".

>            I did a killall -HUP named and still no luck.

	Under no circumstances should you be using signals to communicate 
with BIND.  Please learn to use the "rndc" command.

>                                                           Then I
>  restarted name with no luck.  The website is
>  www.thegospelstation.com and this is the only one that is giving
>  me any problems.

	I don't have any problems:

dig www.thegospelstation.com. any

; <<>> DiG 9.2.0rc3 <<>> www.thegospelstation.com. any
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29188
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.thegospelstation.com.      IN      ANY

;; ANSWER SECTION:
www.thegospelstation.com. 300   IN      A       63.102.200.70

;; Query time: 59 msec
;; WHEN: Mon Oct  8 13:44:01 2001
;; MSG SIZE  rcvd: 58

% dig thegospelstation.com. any

; <<>> DiG 9.2.0rc3 <<>> thegospelstation.com. any
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62316
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 2, ADDITIONAL: 3

;; QUESTION SECTION:
;thegospelstation.com.          IN      ANY

;; ANSWER SECTION:
thegospelstation.com.   155836  IN      NS      NS1.USLIVE.NET.
thegospelstation.com.   155836  IN      NS      NS2.USLIVE.NET.
thegospelstation.com.   86386   IN      SOA     NS1.USLIVE.NET. 
hostmaster.thegospelstation.com. 2001062012 21600 10800 604800 300
thegospelstation.com.   297     IN      MX      0 mail.thegospelstation.com.

;; AUTHORITY SECTION:
thegospelstation.com.   155836  IN      NS      NS1.USLIVE.NET.
thegospelstation.com.   155836  IN      NS      NS2.USLIVE.NET.

;; ADDITIONAL SECTION:
NS1.USLIVE.NET.         172672  IN      A       63.102.200.4
NS2.USLIVE.NET.         172672  IN      A       63.102.204.132
mail.thegospelstation.com. 297  IN      A       63.102.200.70

;; Query time: 3 msec
;; WHEN: Mon Oct  8 13:46:08 2001
;; MSG SIZE  rcvd: 228

% dig @NS1.USLIVE.NET. thegospelstation.com. any

; <<>> DiG 9.2.0rc3 <<>> @NS1.USLIVE.NET. thegospelstation.com. any
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24534
;; flags: qr aa rd; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 3

;; QUESTION SECTION:
;thegospelstation.com.          IN      ANY

;; ANSWER SECTION:
thegospelstation.com.   86400   IN      SOA     ns1.uslive.net. 
hostmaster.thegospelstation.com. 2001062012 21600 10800 604800 300
thegospelstation.com.   300     IN      NS      ns1.uslive.net.
thegospelstation.com.   300     IN      NS      ns2.uslive.net.
thegospelstation.com.   300     IN      A       63.102.200.70
thegospelstation.com.   300     IN      MX      0 mail.thegospelstation.com.

;; ADDITIONAL SECTION:
ns1.uslive.net.         43200   IN      A       63.102.200.4
ns2.uslive.net.         43200   IN      A       63.102.204.132
mail.thegospelstation.com. 300  IN      A       63.102.200.70

;; Query time: 18 msec
;; WHEN: Mon Oct  8 13:46:35 2001
;; MSG SIZE  rcvd: 216

% dig @NS1.USLIVE.NET. www.thegospelstation.com. any

; <<>> DiG 9.2.0rc3 <<>> @NS1.USLIVE.NET. www.thegospelstation.com. any
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27588
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.thegospelstation.com.      IN      ANY

;; ANSWER SECTION:
www.thegospelstation.com. 300   IN      A       63.102.200.70

;; Query time: 15 msec
;; WHEN: Mon Oct  8 13:47:08 2001
;; MSG SIZE  rcvd: 58

% ping www.thegospelstation.com.
PING www.thegospelstation.com. (63.102.200.70): 56 data bytes
64 bytes from 63.102.200.70: icmp_seq=0 ttl=118 time=16.697 ms
64 bytes from 63.102.200.70: icmp_seq=1 ttl=118 time=13.252 ms
64 bytes from 63.102.200.70: icmp_seq=2 ttl=118 time=20.069 ms
64 bytes from 63.102.200.70: icmp_seq=3 ttl=118 time=21.544 ms
64 bytes from 63.102.200.70: icmp_seq=4 ttl=118 time=17.33 ms
^C
--- www.thegospelstation.com. ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 13.252/17.778/21.544 ms

% doc -v thegospelstation.com
Doc-2.2.3: doc -v thegospelstation.com
Doc-2.2.3: Starting test of thegospelstation.com.   parent is com.
Doc-2.2.3: Test date - Mon Oct  8 13:48:27 EDT 2001
soa @a.gtld-servers.net. for com. has serial: 2001100800
soa @b.gtld-servers.net. for com. has serial: 2001100800
soa @c.gtld-servers.net. for com. has serial: 2001100800
soa @d.gtld-servers.net. for com. has serial: 2001100800
soa @e.gtld-servers.net. for com. has serial: 2001100800
soa @f.gtld-servers.net. for com. has serial: 2001100800
soa @g.gtld-servers.net. for com. has serial: 2001100800
soa @h.gtld-servers.net. for com. has serial: 2001100800
soa @i.gtld-servers.net. for com. has serial: 2001100800
soa @j.gtld-servers.net. for com. has serial: 2001100800
soa @k.gtld-servers.net. for com. has serial: 2001100800
soa @l.gtld-servers.net. for com. has serial: 2001100800
soa @m.gtld-servers.net. for com. has serial: 2001100800
SOA serial #'s agree for com. domain
Found 2 NS and 2 glue records for thegospelstation.com. 
@a.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com. 
@b.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com. 
@c.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com. 
@d.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com. 
@e.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com. 
@f.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com. 
@g.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com. 
@h.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com. 
@i.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com. 
@j.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com. 
@k.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com. 
@l.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com. 
@m.gtld-servers.net. (non-AUTH)
DNServers for com.
    === 0 were also authoritatve for thegospelstation.com.
    === 13 were non-authoritative for thegospelstation.com.
Servers for com. (not also authoritative for thegospelstation.com.)
    === agree on NS records for thegospelstation.com.
NS list summary for thegospelstation.com. from parent (com.) servers
   == ns1.uslive.net. ns2.uslive.net.
soa @ns1.uslive.net. for thegospelstation.com. serial: 2001062012
soa @ns2.uslive.net. for thegospelstation.com. serial: 2001062012
SOA serial #'s agree for thegospelstation.com.
Authoritative domain (thegospelstation.com.) servers agree on NS for 
thegospelstation.com.
NS list from thegospelstation.com. authoritative servers matches list from
   === parent (com.) servers not authoritative for thegospelstation.com.
Checking 0 potential addresses for hosts at thegospelstation.com.
   ==
Summary:
    No errors or warnings issued for thegospelstation.com.
Done testing thegospelstation.com.  Mon Oct  8 13:48:36 EDT 2001

% dnswalk -alF thegospelstation.com.
Checking thegospelstation.com.
Getting zone transfer of thegospelstation.com. from ns1.uslive.net...done.
SOA=ns1.uslive.net      contact=hostmaster.thegospelstation.com
WARN: mail.thegospelstation.com A 63.102.200.70: no PTR record
WARN: thegospelstation.com A 63.102.200.70: no PTR record
WARN: www.thegospelstation.com A 63.102.200.70: no PTR record
0 failures, 3 warnings, 0 errors.


                               DNS Expert
               Detailed Report for thegospelstation.com.
       10/8/01, 7:50 PM, using the analysis setting "Everything"
======================================================================

Information
----------------------------------------------------------------------
Serial number:           2001062012
Primary name server:     ns1.uslive.net.
Primary mail server:     mail.thegospelstation.com.
Number of records:       7 (2 NS, 2 MX, 3 A, 0 CNAME, 0 PTR, 0 Other)


Errors
----------------------------------------------------------------------
o The hostmaster address "hostmaster at thegospelstation.com" does not
   exist.
     None of the mail servers for "thegospelstation.com." recognized
     the hostmaster address "hostmaster at thegospelstation.com"

o There is no PTR record for the host "thegospelstation.com."
     There is no PTR record available for the host
     "thegospelstation.com." which has the IP address 63.102.200.70.


Warnings
----------------------------------------------------------------------
o The Retry field in the SOA record contains an unusually high value
     The value 10800 of the Retry field in the SOA record is unusually
     high.  The value for this field should be within the range 300 -
     7200.

o The Minimum TTL field in the SOA record contains an unusually low
   value
     The value 300 of the Minimum field in the SOA record is unusually
     low.  The value for this field should be within the range 3600 -
     172800.

o The refresh value in the SOA record is too close to the retry value
     The value of the Refresh field in the SOA record (currently
     21600) should be at least three times bigger than the value of
     the Retry field (currently 10800).

o The zone contains more than one A record with the address
   63.102.200.70
     There is more than one A record in the zone with the IP address
     63.102.200.70.

o There is only one MX record in the zone
     The zone contains only one MX record.  This will cause mail
     delivery problems if the primary mail server becomes unavailable.
      For safety purposes, there should be two or more mail servers
     for every zone, the extra mail servers being used as backup
     (secondary) servers for the primary server.


----------------------------------------------------------------------
end of report





-- 
Brad Knowles, <brad.knowles at skynet.be>

H4sICIFgXzsCA2RtYS1zaWcAPVHLbsMwDDvXX0H0kkvbfxiwVw8FCmzAzqqj1F4dy7CdBfn7
Kc6wmyGRFEnvvxiWQoCvqI7RSWTcfGXQNqCUAnfIU+AT8OZ/GCNjRVlH0bKpguJkxiITZqes
MxwpSucyDJzXxQEUe/ihgXqJXUXwD9ajB6NHonLmNrUSK9nacHQnH097szO74xFXqtlbT3il
wMsBz5cnfCR5cEmci0Rj9u/jqBbPeES1I4PeFBXPUIT1XDSOuutFXylzrQvGyboWstCoQZyP
dxX4dLx0eauFe1x9puhoi0Ao1omEJo+BZ6XLVNaVpWiKekxN0VK2VMpmAy+Bk7ZV4SO+p1L/
uErNRS/qH2iFU+iNOtbcmVt9N16lfF7tLv9FXNj8AiyNcOi1AQAA

More information about the bind-users mailing list