Akadns and Bind
Tory M Blue
tmblue at gmail.com
Fri Feb 4 18:25:45 UTC 2011
On Fri, Feb 4, 2011 at 5:37 AM, Florian Weimer <fweimer at bfk.de> wrote:
> * Tory M. Blue:
>
>> [tblue at mx3 ~]$ dig @problemserver.net www.yahoo.com +trace
>
> Please use "dig @problemserver.net www.yahoo.com +trace +norecurse
> +dnssec", to match more closely the queires that BIND would send.
Okay thanks, done that as well as provided the tcpdump information.
The server is being queried it just fails to resolve yahoo but can
resolve all others.
[tblue at tblue-laptop ~]$ dig @problemserver.net www.yahoo.com
; <<>> DiG 9.6.2-P2-RedHat-9.6.2-5.P2.fc12 <<>> @problemserver.net www.yahoo.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
[tblue at tblue-laptop ~]$ dig @probelmserver.net.net www.yahoo.com
+trace +norecurse +dnssec
; <<>> DiG 9.6.2-P2-RedHat-9.6.2-5.P2.fc12 <<>> @problemserver.net
www.yahoo.com +trace +norecurse +dnssec
; (1 server found)
;; global options: +cmd
. 444545 IN NS g.root-servers.net.
. 444545 IN NS h.root-servers.net.
. 444545 IN NS b.root-servers.net.
. 444545 IN NS a.root-servers.net.
. 444545 IN NS j.root-servers.net.
. 444545 IN NS e.root-servers.net.
. 444545 IN NS l.root-servers.net.
. 444545 IN NS m.root-servers.net.
. 444545 IN NS d.root-servers.net.
. 444545 IN NS i.root-servers.net.
. 444545 IN NS f.root-servers.net.
. 444545 IN NS c.root-servers.net.
. 444545 IN NS k.root-servers.net.
. 444545 IN RRSIG NS 8 0 518400 20110210000000 20110202230000 21639
. RdUUiw5gKXpACWIw/O94nxHWSzx5kP62zEhy/kuD8IvY6q1Mbv0GccwL
AErMQu3jlWC+3OMsYQmClticjC5eUkuIyvMQikeihkKty6J4IuaoTMYu
Xctg2R8QDgIhasF7kNOqdr/Akfk5A2kaeW+jE7OhikMnNUyvi5Ph+ORW XrE=
;; Received 441 bytes from 10.13.255.102#53(10.13.255.102) in 36 ms
com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
com. 86400 IN NSEC coop. NS RRSIG NSEC
com. 86400 IN RRSIG NSEC 8 1 86400 20110211000000 20110203230000
21639 . gR5+PdxFQpmd+bLdUdWH0qmumxkOOwW5PI0Yb0/XwxBGo5NC3UesAUWl
PHp5X+6vlhqeJhzZnJRC2XHKFl3LbSnxgvXX3eiGQ8opoSCuF2IqKX3h
hGXHqmKvV/bsXJY5FvjfrDMWQYSTS4tt9lURSlBAuJd1jWi+uXtMfafF U0o=
;; Received 718 bytes from 193.0.14.129#53(k.root-servers.net) in 121 ms
yahoo.com. 172800 IN NS ns1.yahoo.com.
yahoo.com. 172800 IN NS ns5.yahoo.com.
yahoo.com. 172800 IN NS ns2.yahoo.com.
yahoo.com. 172800 IN NS ns3.yahoo.com.
yahoo.com. 172800 IN NS ns4.yahoo.com.
;; Received 212 bytes from 192.43.172.30#53(i.gtld-servers.net) in 38 ms
www.yahoo.com. 300 IN CNAME fp.wg1.b.yahoo.com.
wg1.b.yahoo.com. 300 IN NS yf2.yahoo.com.
wg1.b.yahoo.com. 300 IN NS yf5.yahoo.com.
wg1.b.yahoo.com. 300 IN NS yf1.yahoo.com.
wg1.b.yahoo.com. 300 IN NS yf8.yahoo.com.
wg1.b.yahoo.com. 300 IN NS yf6.yahoo.com.
wg1.b.yahoo.com. 300 IN NS yf3.yahoo.com.
wg1.b.yahoo.com. 300 IN NS yf4.yahoo.com.
wg1.b.yahoo.com. 300 IN NS yf7.yahoo.com.
;; Received 337 bytes from 68.142.196.63#53(ns4.yahoo.com) in 58 ms
I don't see it resolving to an A record, seems to stop after providing
a CNAME entry.
Also the server in question can easily get to microsoft.com,
google.com (I mean resolve), it's just www.yahoo.com and this am it's
actually yahoo.com as well.
[tblue at tblue-laptop ~]$ dig @ns2.sv.admission.net yahoo.com
; <<>> DiG 9.6.2-P2-RedHat-9.6.2-5.P2.fc12 <<>> @problemserver.net yahoo.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 19162
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;yahoo.com. IN A
;; Query time: 1223 msec
;; SERVER: 10.13.255.102#53(10.13.255.102)
;; WHEN: Fri Feb 4 09:53:35 2011
;; MSG SIZE rcvd: 27
[tblue at tblue-laptop ~]$ dig @problemserver.net google.com
; <<>> DiG 9.6.2-P2-RedHat-9.6.2-5.P2.fc12 <<>> @problemserver.net google.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48213
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 4, ADDITIONAL: 0
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 300 IN A 74.125.224.16
google.com. 300 IN A 74.125.224.17
google.com. 300 IN A 74.125.224.18
google.com. 300 IN A 74.125.224.19
google.com. 300 IN A 74.125.224.20
;; AUTHORITY SECTION:
google.com. 99327 IN NS ns4.google.com.
google.com. 99327 IN NS ns1.google.com.
google.com. 99327 IN NS ns3.google.com.
google.com. 99327 IN NS ns2.google.com.
;; Query time: 59 msec
;; SERVER: 10.13.255.102#53(10.13.255.102)
;; WHEN: Fri Feb 4 09:53:40 2011
;; MSG SIZE rcvd: 180
Tcpdumps show what I've believed, connection is fine to the dns server
but this server for some reason will not resolve www.yahoo.com or
yahoo.com.
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
10:16:25.573927 IP clientsystem.net.58856 > problemserver.net.domain:
2579+ A? yahoo.com. (27)
10:16:30.574299 IP clientsystem.net.58856 > problemserver.net.domain:
2579+ A? yahoo.com. (27)
10:16:35.574785 IP clientsystem.net.58856 > problemserver.net.domain:
2579+ A? yahoo.com. (27)
10:16:55.575686 IP problemserver.net.domain > clientsystem.net.58856:
2579 ServFail 0/0/0 (27)
10:17:16.920262 IP clientsystem.net.54365 > problemserver.net.domain:
64676+ A? yahoo.com. (27)
10:17:21.920251 IP clientsystem.net.54365 > problemserver.net.domain:
64676+ A? yahoo.com. (27)
10:17:26.920310 IP clientsystem.net.54365 > problemserver.net.domain:
64676+ A? yahoo.com. (27)
10:17:46.921745 IP problemserver.net.domain > clientsystem.net.54365:
64676 ServFail 0/0/0 (27)
10:18:00.081853 IP clientsystem.net.46709 > problemserver.net.domain:
49385+ A? znet.net. (26)
10:18:00.097763 IP problemserver.net.domain > clientsystem.net.46709:
49385 1/4/0 A 66.63.136.98 (130)
10:18:22.985702 IP clientsystem.net.48284 > problemserver.net.domain:
46982+ A? microsoft.com. (31)
10:18:22.986201 IP problemserver.net.domain > clientsystem.net.48284:
46982 2/5/5 A 207.46.197.32, A 207.46.232.182 (241)
10:18:33.823524 IP clientsystem.net.36393 > problemserver.net.domain:
12471+ A? www.yahoo.com. (31)
10:18:38.823839 IP clientsystem.net.36393 > problemserver.net.domain:
12471+ A? www.yahoo.com. (31)
10:18:43.824424 IP clientsystem.net.36393 > problemserver.net.domain:
12471+ A? www.yahoo.com. (31)
10:19:03.824703 IP problemserver.net.domain > clientsystem.net.36393:
12471 ServFail 0/0/0 (31)
So servfail just to yahoo, but fine for microsoft, google, znet you
name it. yahoo is being tricky.
Thanks
Tory
More information about the bind-users
mailing list