My ISP's nameserver confuses the resolver in glibc 2.3.2 and BIND 9.2.1
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Tue Jan 6 02:21:57 UTC 2004
>
> > I've been seeing some DNS lookup failures on my redhat 9 box.
> > They are accomapnied by this in /var/log/messages:
> >
> > Jan 1 22:29:11 localhost mozilla-bin: gethostby*.getanswer: asked for
> > "www.google.com.au", got "www.google.akadns.net"
> >
> > A little experimentation with dig reveals that all the info is being
> > returned, only the A record arrives first, followed by the CNAME:
> >
> > [david at localhost david]$ dig www.google.com.au
> >
> > ; <<>> DiG 9.2.1 <<>> www.google.com.au
> > ;; global options: printcmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60725
> > ;; flags: rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
It also helps if "QR" is set in the response. When named
sees the "response" it is treated as a query.
> > ;; QUESTION SECTION:
> > ;www.google.com.au. IN A
> >
> > ;; ANSWER SECTION:
> > www.google.akadns.net. 57 IN A 216.239.53.99
> > www.google.com.au. 2278 IN CNAME www.google.akadns.net.
> >
> > ;; Query time: 336 msec
> > ;; SERVER: 203.220.32.107#53(203.220.32.107)
> > ;; WHEN: Thu Jan 1 22:42:25 2004
> > ;; MSG SIZE rcvd: 86
> >
> >
> > Running 'tcpdump -n -vvv -s 128' during the dig confirms this.
> >
> > I thought I'd get around this by setting up a forward-only caching
> > nameserver, figuring that it might be able to put the records back
> > into the 'correct' order before handing them back to gethostbyname(),
> > but, no, BIND seems to be just as confused. The tcpdump of BIND on
> > localhost forwarding a query shows this...
> >
> > [root at localhost david]# tcpdump -n -vvv -s 128
> > tcpdump: listening on ppp0
> > 22:07:04.433985 203.220.41.33.32768 > 203.220.32.107.domain: [udp sum
> > ok] 55260
> > + [1au] A? home.dodo.com.au. ar: . OPT UDPsize=2048 (45) (DF) (ttl 64,
> > id 0, len
> > 73)
> > 22:07:04.607987 203.220.32.107.domain > 203.220.41.33.32768: [udp sum
> > ok] 55260
> > + [2a] [1au] A? home.dodo.com.au. www.dodo.com.au. A 203.220.32.118,
> > home.dodo.c
> > om.au. CNAME www.dodo.com.au. ar: . OPT UDPsize=2048 (79) (DF) (ttl
> > 60, id 0, le
> > n 107)
> > 22:07:06.448558 203.220.41.33.32768 > 203.220.32.107.domain: [udp sum
> > ok] 46546
> > + [1au] A? home.dodo.com.au. ar: . OPT UDPsize=2048 (45) (DF) (ttl 64,
> > id 0, len
> > 73)
> > 22:07:06.597993 203.220.32.107.domain > 203.220.41.33.32768: [udp sum
> > ok] 46546
> > + [2a] [1au] A? home.dodo.com.au. www.dodo.com.au. A 203.220.32.118,
> > home.dodo.c
> > om.au. CNAME www.dodo.com.au. ar: . OPT UDPsize=2048 (79) (DF) (ttl
> > 60, id 0, le
> > n 107)
> >
> > ...and so on. i.e. it asks (in this case) for home.dodo.com.au, the
> > answer comes back with the A record for www.dodo.com.au, followed by
> > the CNAME for home.dodo.com.au. BIND rerties this a few times and
> > gives up.
> >
> >
> > So, my questions are:
> >
> > What (if anything) is my ISP doing wrong? The response from their tech
> > support is that their nameserevr is OK.
>
> The nameserver is not RFC 1034 compliant.
> See: Section 4.3.2. Algorithm
>
> See: 6.2.7. QNAME=USC-ISIC.ARPA, QTYPE=A
> Note the order of the records in the answer section
>
> > Why is the resolver so picky? Seems as though both the CNAME and A
> > record are being returned, its just that the CNAME arrives first.
> >
> > Oh, and I can't use some other namersever because they have blocked
> > UDP port 53 as far as I can tell. Note that many hosts resolve just
> > fine (even CNAAMEs), its just a particular few, such as
> > home.dodo.com.au and www.google.com.au that don't resolve.
> >
> > Details:
> >
> > [root at localhost david]# uname -a
> > Linux localhost.localdomain 2.4.20-20.9 #1 Mon Aug 18 11:27:43 EDT
> > 2003 i686 athlon i386 GNU/Linux
> > [root at localhost david]# named -v
> > BIND 9.2.1
> > [root at localhost david]# rpm -q glibc
> > glibc-2.3.2-27.9.7
> >
> > The nameserver in question is on 203.220.32.107
> >
> > Thanks
> > David Houlder
> >
> --
> Mark Andrews, Internet Software Consortium
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list