Different DNS resolutions from 2 servers
Kevin Darcy
kcd at daimlerchrysler.com
Wed Oct 23 21:08:00 UTC 2002
"Donald E. Foss" wrote:
> I have 2 RH7.2 servers both running BIND 9.2.1. When I do a dig on the
> domain stonewallkitchen.com, it get two completely different answers from
> each server. This has been going on for 2 weeks now.
>
> I do know that the site was moved to a new ISP some time ago, but this
> should have resolved itself quickly.
>
> Below are a pair of digs--the first from the local BIND server, the second
> from a root server. The root server has the correct information.
>
> ########incorrect local server response##############
> dig stonewallkitchen.com any +norec
>
> ; <<>> DiG 9.2.1 <<>> stonewallkitchen.com any +norec
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22276
> ;; flags: qr ra; QUERY: 1, ANSWER: 3, AUTHORITY: 3, ADDITIONAL: 3
>
> ;; QUESTION SECTION:
> ;stonewallkitchen.com. IN ANY
>
> ;; ANSWER SECTION:
> stonewallkitchen.com. 86120 IN NS dns3.registeredsite.com.
> stonewallkitchen.com. 86120 IN NS dns1.registeredsite.com.
> stonewallkitchen.com. 86120 IN NS dns2.registeredsite.com.
>
> ;; AUTHORITY SECTION:
> stonewallkitchen.com. 86120 IN NS dns3.registeredsite.com.
> stonewallkitchen.com. 86120 IN NS dns1.registeredsite.com.
> stonewallkitchen.com. 86120 IN NS dns2.registeredsite.com.
>
> ;; ADDITIONAL SECTION:
> dns1.registeredsite.com. 162049 IN A 64.226.28.34
> dns2.registeredsite.com. 162049 IN A 66.111.73.174
> dns3.registeredsite.com. 162049 IN A 64.77.127.43
>
> ;; Query time: 5 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Wed Oct 23 13:25:51 2002
> ;; MSG SIZE rcvd: 200
>
> ########correct root server response###########
> dig @a.gtld-servers.net stonewallkitchen.com any +norec
>
> ; <<>> DiG 9.2.1 <<>> @a.gtld-servers.net stonewallkitchen.com any +norec
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22776
> ;; flags: qr; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2
>
> ;; QUESTION SECTION:
> ;stonewallkitchen.com. IN ANY
>
> ;; ANSWER SECTION:
> stonewallkitchen.com. 172800 IN NS NS-EAST.CERF.NET.
> stonewallkitchen.com. 172800 IN NS NS-WEST.CERF.NET.
>
> ;; AUTHORITY SECTION:
> stonewallkitchen.com. 172800 IN NS NS-EAST.CERF.NET.
> stonewallkitchen.com. 172800 IN NS NS-WEST.CERF.NET.
>
> ;; ADDITIONAL SECTION:
> NS-EAST.CERF.NET. 172800 IN A 207.252.96.3
> NS-WEST.CERF.NET. 172800 IN A 192.153.156.3
>
> ;; Query time: 34 msec
> ;; SERVER: 192.5.6.30#53(a.gtld-servers.net)
> ;; WHEN: Wed Oct 23 13:28:49 2002
> ;; MSG SIZE rcvd: 150#
>
> As you can see in the authority section, the NS records should only live
> for 1 day.
>
> If I restart the daemon, it fixes itself. This is not a good solution
> though, because it may happen again with another domain, and I don't want
> to be scheduling restart every couple of days or so. In fact, I just
> received email of another domain that is having similiar problems.
>
> I'm not a newbie, but any help is appreciated. I've got the traces set to
> 99, but they have not shed any useful information on the problem yet.
More information about the bind-users
mailing list