Occasional problems resolving from capitalone.com

Mark Andrews Mark_Andrews at isc.org
Wed Jan 14 03:13:48 UTC 2009 

In message <D08DAA78-9F6C-40BE-894D-7D388CD51483 at gronkulator.com>, Rich Goodson
 writes:
> Hi all,
> 
> I have some caching resolvers that are running BIND 9.4.3.  They  
> answer about 30k-ish recursive queries per second at peak hours.
> 
> Every couple of weeks or so, we get calls to customer support with  
> complaints that the www.capitalone.com web site is unavailable.

	Complain to capitalone.com.  wpex.capitalone.com is badly
	delegated.  The namesevers wpex.capitalone.com are delegated
	to are not configured to serve the zone wpex.capitalone.com,
	instead they are serving capitalone.com but not the version
	of the zone served by ns[123].capitalone.com.  Additionally
	the servers for wpex.capitalone.com don't have the address
	records for the nameservers for wpex.capitalone.com.

	Note the SOA record below is for capitalone.com not
	wpex.capitalone.com like it should be.

	Mark

; <<>> DiG 9.6.0-P1 <<>> +norec ns1-cardinal.wpex.capitalone.com. @208.80.48.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60944
;; flags: qr aa; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;ns1-cardinal.wpex.capitalone.com. IN	A

;; AUTHORITY SECTION:
capitalone.com.		60	IN	SOA	cardinal01p.capitalone.com. hostmaster.cardinal01p.capitalone.com. 17 10800 3600 604800 60

;; Query time: 231 msec
;; SERVER: 208.80.48.74#53(208.80.48.74)
;; WHEN: Wed Jan 14 13:59:20 2009
;; MSG SIZE  rcvd: 109


> The CNAME for www.capitalone.com points to www.wpex.capitalone.com,  
> which is served out by a different set of name servers:
> wpex.capitalone.com.	3600	IN	NS	ns2-mockingbird.wpex.capitalone
> .com.
> wpex.capitalone.com.	3600	IN	NS	ns1-cardinal.wpex.capitalone.co
> m.
> those name servers are, apparently, occasionally unavailable, at least  
> from our network, and we end up with a negative cached record that I  
> suspect lasts 48 hours.
> 
> right now, I am doing a workaround with a shell script that looks  
> something like this (this is just a snippet, btw, not the full script):
> rndc dumpdb
> if [ `grep capitalone.com /var/dump/named_dump.db | grep -q  
> NXDOMAIN` ]; then
> 	rndc flushname `grep capitalone.com | grep NXDOMAIN | awk '{print $1}'`
> 
> This may not be the only host/domain that we have occasional  
> difficulty with, but it's certainly the only one that has calls from  
> CS that get filtered down to me.  Is this something broken in our  
> resolvers, or is this (as I suspect) just a really wonky and somewhat  
> broken implementation on the part of capitalone.com?  Is anyone else  
> having difficulty with resolution of this domain?
> 
> Here's a dig from one of our name servers. (the dig is from my  
> workstation which has 9.4.2-P2 on it).
> 
> ; <<>> DiG 9.4.2-P2 <<>> +trace @wdmdc-dns1 www.capitalone.com
> ; (1 server found)
> ;; global options:  printcmd
> .			242071	IN	NS	K.ROOT-SERVERS.NET.
> .			242071	IN	NS	H.ROOT-SERVERS.NET.
> .			242071	IN	NS	J.ROOT-SERVERS.NET.
> .			242071	IN	NS	L.ROOT-SERVERS.NET.
> .			242071	IN	NS	B.ROOT-SERVERS.NET.
> .			242071	IN	NS	D.ROOT-SERVERS.NET.
> .			242071	IN	NS	M.ROOT-SERVERS.NET.
> .			242071	IN	NS	I.ROOT-SERVERS.NET.
> .			242071	IN	NS	E.ROOT-SERVERS.NET.
> .			242071	IN	NS	F.ROOT-SERVERS.NET.
> .			242071	IN	NS	A.ROOT-SERVERS.NET.
> .			242071	IN	NS	C.ROOT-SERVERS.NET.
> .			242071	IN	NS	G.ROOT-SERVERS.NET.
> ;; Received 512 bytes from 12.207.232.47#53(12.207.232.47) in 17 ms
> 
> com.			172800	IN	NS	K.GTLD-SERVERS.NET.
> com.			172800	IN	NS	C.GTLD-SERVERS.NET.
> com.			172800	IN	NS	A.GTLD-SERVERS.NET.
> com.			172800	IN	NS	M.GTLD-SERVERS.NET.
> com.			172800	IN	NS	L.GTLD-SERVERS.NET.
> com.			172800	IN	NS	J.GTLD-SERVERS.NET.
> com.			172800	IN	NS	D.GTLD-SERVERS.NET.
> com.			172800	IN	NS	I.GTLD-SERVERS.NET.
> com.			172800	IN	NS	F.GTLD-SERVERS.NET.
> com.			172800	IN	NS	G.GTLD-SERVERS.NET.
> com.			172800	IN	NS	B.GTLD-SERVERS.NET.
> com.			172800	IN	NS	E.GTLD-SERVERS.NET.
> com.			172800	IN	NS	H.GTLD-SERVERS.NET.
> ;; Received 508 bytes from 192.203.230.10#53(E.ROOT-SERVERS.NET) in 68  
> ms
> 
> capitalone.com.		172800	IN	NS	ns1.capitalone.com.
> capitalone.com.		172800	IN	NS	ns2.capitalone.com.
> capitalone.com.		172800	IN	NS	ns3.capitalone.com.
> ;; Received 138 bytes from 192.52.178.30#53(K.GTLD-SERVERS.NET) in 130  
> ms
> 
> www.capitalone.com.	120	IN	CNAME	www.wpex.capitalone.com.
> wpex.capitalone.com.	3600	IN	NS	ns2-mockingbird.wpex.capitalone
> .com.
> wpex.capitalone.com.	3600	IN	NS	ns1-cardinal.wpex.capitalone.co
> m.
> ;; Received 148 bytes from 199.244.214.107#53(ns3.capitalone.com) in  
> 42 ms
> 
>   -rich goodson
> 
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the bind-users mailing list