Possible Lookup Problem
Mark Andrews
Mark_Andrews at isc.org
Tue Nov 8 22:13:24 UTC 2005
> Hi,
> I've had some people come to me with concerns about our dns servers so
> I decided to start doing some digging. Basically, when querying our
> servers for lets say the aol.com mx records, after the TTL expires my
> server stops showing the ip's of the mx records in the additional
> section of the dig. When I query other servers for the same
> information, they tend to update right away after the TTL expires.
> For example, after the 300 seconds expires for all of the mx records,
> here is what I get on a dig:
>
> -----------------------------------------------------------------------------
> ------------------------------
> root at gtr2:/etc/namedbfiles/hint# dig aol.com mx
>
> ; <<>> DiG 9.3.0 <<>> aol.com mx
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29109
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 4, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;aol.com. IN MX
>
> ;; ANSWER SECTION:
> aol.com. 3231 IN MX 15
> mailin-01.mx.aol.com.
> aol.com. 3231 IN MX 15
> mailin-02.mx.aol.com.
> aol.com. 3231 IN MX 15
> mailin-03.mx.aol.com.
> aol.com. 3231 IN MX 15
> mailin-04.mx.aol.com.
>
> ;; AUTHORITY SECTION:
> aol.com. 3231 IN NS dns-01.ns.aol.com.
> aol.com. 3231 IN NS dns-02.ns.aol.com.
> aol.com. 3231 IN NS dns-06.ns.aol.com.
> aol.com. 3231 IN NS dns-07.ns.aol.com.
> -----------------------------------------------------------------------------
> ------------------------------
>
>
> And continued digs show the same information. After awhile, maybe 10
> minutes, I'll start getting the additional section containing the mx
> record ip address again. But like I said, if I query other servers,
> after the TTL expires, the additional section lights back up with at
> least 1 of the expired servers.
>
> Is this normal? If not, what may be causing this problem?
Yes this is normal and expected. The additional records are
only returned if the nameserver has them in its cache and of
the right credability.
Some nameservers fetch missing additional records others don't.
This is a implementation choice.
> Thanks for any help. I've never really needed to try to troubleshoot
> bind before, so I'm at a loss.
>
> -Craig
>
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list