My ISP's nameserver confuses the resolver in glibc 2.3.2 and BIND 9.2.1

Mark_Andrews at isc.org Mark_Andrews at isc.org
Tue Jan 6 02:21:57 UTC 2004 

> 
> > I've been seeing some DNS lookup failures on my redhat 9 box.
> > They are accomapnied by this in /var/log/messages:
> > 
> > Jan  1 22:29:11 localhost mozilla-bin: gethostby*.getanswer: asked for
> > "www.google.com.au", got "www.google.akadns.net"
> > 
> > A little experimentation with dig reveals that all the info is being
> > returned, only the A record arrives first, followed by the CNAME:
> > 
> > [david at localhost david]$ dig www.google.com.au
> >  
> > ; <<>> DiG 9.2.1 <<>> www.google.com.au
> > ;; global options:  printcmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60725
> > ;; flags: rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

	It also helps if "QR" is set in the response.  When named
	sees the "response" it is treated as a query.


> > ;; QUESTION SECTION:
> > ;www.google.com.au.             IN      A
> >  
> > ;; ANSWER SECTION:
> > www.google.akadns.net.  57      IN      A       216.239.53.99
> > www.google.com.au.      2278    IN      CNAME   www.google.akadns.net.
> >  
> > ;; Query time: 336 msec
> > ;; SERVER: 203.220.32.107#53(203.220.32.107)
> > ;; WHEN: Thu Jan  1 22:42:25 2004
> > ;; MSG SIZE  rcvd: 86
> > 
> > 
> > Running 'tcpdump -n -vvv -s 128' during the dig confirms this.
> > 
> > I thought I'd get around this by setting up a forward-only caching
> > nameserver, figuring that it might be able to put the records back
> > into the 'correct' order before handing them back to gethostbyname(),
> > but, no, BIND seems to be just as confused. The tcpdump of BIND on
> > localhost forwarding a query shows this...
> > 
> > [root at localhost david]# tcpdump -n -vvv -s 128
> > tcpdump: listening on ppp0
> > 22:07:04.433985 203.220.41.33.32768 > 203.220.32.107.domain: [udp sum
> > ok]  55260
> > + [1au] A? home.dodo.com.au. ar: . OPT UDPsize=2048 (45) (DF) (ttl 64,
> > id 0, len
> >  73)
> > 22:07:04.607987 203.220.32.107.domain > 203.220.41.33.32768: [udp sum
> > ok]  55260
> > + [2a] [1au] A? home.dodo.com.au. www.dodo.com.au. A 203.220.32.118,
> > home.dodo.c
> > om.au. CNAME www.dodo.com.au. ar: . OPT UDPsize=2048 (79) (DF) (ttl
> > 60, id 0, le
> > n 107)
> > 22:07:06.448558 203.220.41.33.32768 > 203.220.32.107.domain: [udp sum
> > ok]  46546
> > + [1au] A? home.dodo.com.au. ar: . OPT UDPsize=2048 (45) (DF) (ttl 64,
> > id 0, len
> >  73)
> > 22:07:06.597993 203.220.32.107.domain > 203.220.41.33.32768: [udp sum
> > ok]  46546
> > + [2a] [1au] A? home.dodo.com.au. www.dodo.com.au. A 203.220.32.118,
> > home.dodo.c
> > om.au. CNAME www.dodo.com.au. ar: . OPT UDPsize=2048 (79) (DF) (ttl
> > 60, id 0, le
> > n 107)
> >
> > ...and so on. i.e. it asks (in this case) for home.dodo.com.au, the
> > answer comes back with the A record for www.dodo.com.au, followed by
> > the CNAME for home.dodo.com.au. BIND rerties this a few times and
> > gives up.
> > 
> > 
> > So, my questions are:
> > 
> > What (if anything) is my ISP doing wrong? The response from their tech
> > support is that their nameserevr is OK.
> 
> 	The nameserver is not RFC 1034 compliant.
> 	See: Section 4.3.2. Algorithm
>  
> 	See: 6.2.7. QNAME=USC-ISIC.ARPA, QTYPE=A
> 	Note the order of the records in the answer section
> 
> > Why is the resolver so picky? Seems as though both the CNAME and A
> > record are being returned, its just that the CNAME arrives first.
> > 
> > Oh, and I can't use some other namersever because they have blocked
> > UDP port 53 as far as I can tell. Note that many hosts resolve just
> > fine (even CNAAMEs), its just a particular few, such as
> > home.dodo.com.au and www.google.com.au that don't resolve.
> > 
> > Details:
> > 
> > [root at localhost david]# uname -a
> > Linux localhost.localdomain 2.4.20-20.9 #1 Mon Aug 18 11:27:43 EDT
> > 2003 i686 athlon i386 GNU/Linux
> > [root at localhost david]# named -v
> > BIND 9.2.1
> > [root at localhost david]# rpm -q glibc
> > glibc-2.3.2-27.9.7
> > 
> > The nameserver in question is on 203.220.32.107 
> > 
> > Thanks
> > David Houlder
> > 
> --
> Mark Andrews, Internet Software Consortium
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org

More information about the bind-users mailing list