Intermittent Issues Resolving Microsoft Hostnames
Rob Heilman
rheilman at echolabs.net
Wed May 4 19:23:21 UTC 2016
Could it be that the “adberr:2” logs entries are indicating that it periodically can’t find the name servers?
-Rob Heilman
# dig zulily-com.mail.protection.outlook.com. @ns1-prodeodns.glbdns.o365filtering.com.
dig: couldn't get address for 'ns1-prodeodns.glbdns.o365filtering.com.': failure
# dig zulily-com.mail.protection.outlook.com. @ns1-prodeodns.glbdns.o365filtering.com.
; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> zulily-com.mail.protection.outlook.com. @ns1-prodeodns.glbdns.o365filtering.com.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: FORMERR, id: 35547
;; flags: qr rd; QUERY: 0, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; WARNING: EDNS query returned status FORMERR - retry with '+noedns'
;; Query time: 73 msec
;; SERVER: 207.46.100.42#53(207.46.100.42)
;; WHEN: Wed May 04 14:44:22 EDT 2016
;; MSG SIZE rcvd: 12
# dig zulily-com.mail.protection.outlook.com. @ns1-prodeodns.glbdns.o365filtering.com. +noedns
; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> zulily-com.mail.protection.outlook.com. @ns1-prodeodns.glbdns.o365filtering.com. +noedns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27187
;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;zulily-com.mail.protection.outlook.com. IN A
;; ANSWER SECTION:
zulily-com.mail.protection.outlook.com. 10 IN A 207.46.163.138
zulily-com.mail.protection.outlook.com. 10 IN A 207.46.163.247
zulily-com.mail.protection.outlook.com. 10 IN A 207.46.163.215
;; Query time: 74 msec
;; SERVER: 207.46.100.42#53(207.46.100.42)
;; WHEN: Wed May 04 14:44:56 EDT 2016
;; MSG SIZE rcvd: 218
> On May 4, 2016, at 3:16 PM, John Miller <johnmill at brandeis.edu> wrote:
>
>>
>> dig mail.protection.outlook.com. ns
>> @ns1-proddns.glbdns.o365filtering.com. +noedns
>> ;; ANSWER SECTION:
>> mail.protection.outlook.com. 10 IN NS
>> ns1-proddns.glbdns.o365filtering.com.
>> mail.protection.outlook.com. 10 IN NS
>> ns2-proddns.glbdns.o365filtering.com.
>>
>>
>>
>> Note the short TTL on the A and NS records, combined with dns servers
>> that don't understand edns. Is there something in bind 9.9.5 that would
>> not like that combination? I presume that 9.9.5 would try edns first,
>> and then backoff to noedns after receiving the FORMERR.
>>
>
> Seems very odd to have a TTL of 10 seconds on an NS record: anyone
> seen that before? Combining that with EDNS disabled means that you're
> essentially having to make four lookups every single time you want to
> use Outlook 365.
>
> John
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
More information about the bind-users
mailing list