Strange MX record problem in bind-8.2.2_p5
Scott.Wiseman
scott.wiseman at realestatenet.com
Thu Jun 15 22:58:02 UTC 2000
where can I download dig
-----Original Message-----
From: Kevin Darcy [mailto:kcd at daimlerchrysler.com]
Sent: Monday, June 12, 2000 3:51 PM
To: bind-users at isc.org
Subject: Re: Strange MX record problem in bind-8.2.2_p5
Since the full response to a "usa.com MX" query is in the area of 512 bytes,
if
I had to guess I'd say you have some sort of router or firewall blocking
TCP port 53 (which is what named will attempt if the UDP packet gets
truncated). But the fact that it's intermittent is puzzling. Do you have
multiple network paths to the Internet by any chance?
If it were me, I'd be turning on debugging at this point...
By the way, nslookup sucks. Use "dig".
- Kevin
bind-users at sanitarium.net wrote:
> Problem: Bind version 8.2.2 Patch 5 compiled running on Sun Solaris 8 is
> acting funky.
> Symptoms: Mail Queue is filling up with out-bound mail to certain domain
> names
> Cause:
> * Our DNS server cannot locate the MX record for these mail messages
domain
> names in the mail queue.
> * Other DNS servers do not have a problem resolving these same sites'
domain
> names during this testing process.
> * Our real IP addresses and domain name have been replaced with loopback
> ip's and fake names for this post.
>
> Strange Resolutions
> * On our first attempt to locate the problem we used nslookup in
interactive
> mode to lookup a MX record for a particular address in the mail queue. In
> this case it was for usa.com
>
> > set type=mx
> > usa.com
> Server: dnsserver at ourdomain.com
> Address: 127.0.0.2
>
> *** dnsserver at ourdomain.com can't find usa.com: Non-existent host/domain
>
> * To get a more detailed inquiry we placed nslookup in Debug Mode 2 and
> asked the same query.
>
> > set d2
> > usa.com
> Server: dnsserver at ourdomain.com
> Address: 127.0.0.2
>
> Our results were that debug level 2 was able to get the correct answer,
and
> after turning off debug, the name server continued to give the correct
> result every time.
>
> * While this worked for our primary server, performing the exact same
> operation on our secondary server did not resolve the problem
> * When we completely stopped and restarted named on the secondary server,
it
> started to lookup MX records normally.
>
> ;; res_mkquery(0, usa.com, 1, 15)
> ------------
> SendRequest(), len 25
> HEADER:
> opcode = QUERY, id = 52383, rcode = NOERROR
> header flags: query, want recursion
> questions = 1, answers = 0, authority records = 0, additional =
0
>
> QUESTIONS:
> usa.com, type = MX, class = IN
>
> ------------
> ------------
> Got answer (379 bytes):
> HEADER:
> opcode = QUERY, id = 52383, rcode = NOERROR
> header flags: response, want recursion, recursion avail.
> questions = 1, answers = 3, authority records = 0, additional =
> 16
>
> QUESTIONS:
> usa.com, type = MX, class = IN
> ANSWERS:
> -> usa.com
> type = MX, class = IN, dlen = 26
> preference = 5, mail exchanger = mail-intake-1.mail.com
> ttl = 3600 (1H)
> -> usa.com
> type = MX, class = IN, dlen = 18
> preference = 10, mail exchanger = mail-intake-2.mail.com
> ttl = 3600 (1H)
> -> usa.com
> type = MX, class = IN, dlen = 18
> preference = 15, mail exchanger = mail-intake-3.mail.com
> ttl = 3600 (1H)
> ADDITIONAL RECORDS:
> -> mail-intake-1.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.4.147
> ttl = 3600 (1H)
> -> mail-intake-1.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.4.100
> ttl = 3600 (1H)
> -> mail-intake-1.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.4.101
> ttl = 3600 (1H)
> -> mail-intake-1.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.4.102
> ttl = 3600 (1H)
> -> mail-intake-1.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.4.103
> ttl = 3600 (1H)
> -> mail-intake-1.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.48.78
> ttl = 3600 (1H)
> -> mail-intake-1.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.48.79
> ttl = 3600 (1H)
> -> mail-intake-1.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.48.80
> ttl = 3600 (1H)
> -> mail-intake-2.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.4.147
> ttl = 3600 (1H)
> -> mail-intake-2.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.4.100
> ttl = 3600 (1H)
> -> mail-intake-2.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.4.101
> ttl = 3600 (1H)
> -> mail-intake-2.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.4.102
> ttl = 3600 (1H)
> -> mail-intake-2.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.4.103
> ttl = 3600 (1H)
> -> mail-intake-2.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.48.78
> ttl = 3600 (1H)
> -> mail-intake-2.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.48.79
> ttl = 3600 (1H)
> -> mail-intake-2.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.48.80
> ttl = 3600 (1H)
>
> ------------
> Non-authoritative answer:
> usa.com
> type = MX, class = IN, dlen = 26
> preference = 5, mail exchanger = mail-intake-1.mail.com
> ttl = 3600 (1H)
> usa.com
> type = MX, class = IN, dlen = 18
> preference = 10, mail exchanger = mail-intake-2.mail.com
> ttl = 3600 (1H)
> usa.com
> type = MX, class = IN, dlen = 18
> preference = 15, mail exchanger = mail-intake-3.mail.com
> ttl = 3600 (1H)
>
> Authoritative answers can be found from:
> mail-intake-1.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.4.147
> ttl = 3600 (1H)
> mail-intake-1.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.4.100
> ttl = 3600 (1H)
> mail-intake-1.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.4.101
> ttl = 3600 (1H)
> mail-intake-1.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.4.102
> ttl = 3600 (1H)
> mail-intake-1.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.4.103
> ttl = 3600 (1H)
> mail-intake-1.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.48.78
> ttl = 3600 (1H)
> mail-intake-1.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.48.79
> ttl = 3600 (1H)
> mail-intake-1.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.48.80
> ttl = 3600 (1H)
> mail-intake-2.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.4.147
> ttl = 3600 (1H)
> mail-intake-2.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.4.100
> ttl = 3600 (1H)
> mail-intake-2.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.4.101
> ttl = 3600 (1H)
> mail-intake-2.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.4.102
> ttl = 3600 (1H)
> mail-intake-2.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.4.103
> ttl = 3600 (1H)
> mail-intake-2.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.48.78
> ttl = 3600 (1H)
> mail-intake-2.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.48.79
> ttl = 3600 (1H)
> mail-intake-2.mail.com
> type = A, class = IN, dlen = 4
> internet address = 165.251.48.80
> ttl = 3600 (1H)
> > nod2
> Server: dnsserver at ourdomain.com
> Address: 127.0.0.2
>
> ;; res_mkquery(0, nod2.ourdomain.com, 1, 15)
> ------------
> SendRequest(), len 34
> HEADER:
> opcode = QUERY, id = 52384, rcode = NOERROR
> header flags: query, want recursion
> questions = 1, answers = 0, authority records = 0, additional =
0
>
> QUESTIONS:
> nod2.ourdomain.com, type = MX, class = IN
>
> ------------
> ------------
> Got answer (95 bytes):
> HEADER:
> opcode = QUERY, id = 52384, rcode = NXDOMAIN
> header flags: response, auth. answer, want recursion, recursion
> avail.
> questions = 1, answers = 0, authority records = 1, additional =
0
>
> QUESTIONS:
> nod2.ourdomain.com, type = MX, class = IN
> AUTHORITY RECORDS:
> -> ourdomain.com
> type = SOA, class = IN, dlen = 38
> ttl = 3600 (1H)
> origin = ns1.ourdomain.com
> mail addr = nic-admin.ourdomain.com
> serial = 2000060803
> refresh = 10800 (3H)
> retry = 1800 (30M)
> expire = 604800 (1W)
> minimum ttl = 3600 (1H)
>
> ------------
> ;; res_mkquery(0, nod2, 1, 15)
> ------------
> SendRequest(), len 22
> HEADER:
> opcode = QUERY, id = 52385, rcode = NOERROR
> header flags: query, want recursion
> questions = 1, answers = 0, authority records = 0, additional =
0
>
> QUESTIONS:
> nod2, type = MX, class = IN
>
> ------------
> ------------
> Got answer (95 bytes):
> HEADER:
> opcode = QUERY, id = 52385, rcode = NXDOMAIN
> header flags: response, auth. answer, want recursion, recursion
> avail.
> questions = 1, answers = 0, authority records = 1, additional =
0
>
> QUESTIONS:
> nod2, type = MX, class = IN
> AUTHORITY RECORDS:
> -> (root)
> type = SOA, class = IN, dlen = 62
> ttl = 86400 (1D)
> origin = A.ROOT-SERVERS.NET
> mail addr = hostmaster.internic.NET
> serial = 2000061200
> refresh = 1800 (30M)
> retry = 900 (15M)
> expire = 604800 (1W)
> minimum ttl = 86400 (1D)
>
> ------------
> *** dnsserver at ourdomain.com can't find nod2: Non-existent host/domain
> > set nod2
> d2 mode disabled; still in debug mode
> > usa.com
> Server: dnsserver at ourdomain.com
> Address: 127.0.0.2
>
> ;; res_mkquery(0, usa.com, 1, 15)
> ------------
> Got answer:
> HEADER:
> opcode = QUERY, id = 52386, rcode = NOERROR
> header flags: response, want recursion, recursion avail.
> questions = 1, answers = 3, authority records = 2, additional =
2
>
> QUESTIONS:
> usa.com, type = MX, class = IN
> ANSWERS:
> -> usa.com
> preference = 15, mail exchanger = mail-intake-3.mail.com
> ttl = 3507 (3507)
> -> usa.com
> preference = 5, mail exchanger = mail-intake-1.mail.com
> ttl = 3507 (3507)
> -> usa.com
> preference = 10, mail exchanger = mail-intake-2.mail.com
> ttl = 3507 (3507)
> AUTHORITY RECORDS:
> -> usa.com
> nameserver = NS1.mail.com
> ttl = 172410 (172410)
> -> usa.com
> nameserver = NS2.mail.com
> ttl = 172410 (172410)
> ADDITIONAL RECORDS:
> -> NS1.mail.com
> internet address = 165.251.1.2
> ttl = 172410 (172410)
> -> NS2.mail.com
> internet address = 165.251.1.3
> ttl = 172410 (172410)
>
> ------------
> Non-authoritative answer:
> usa.com
> preference = 15, mail exchanger = mail-intake-3.mail.com
> ttl = 3507 (3507)
> usa.com
> preference = 5, mail exchanger = mail-intake-1.mail.com
> ttl = 3507 (3507)
> usa.com
> preference = 10, mail exchanger = mail-intake-2.mail.com
> ttl = 3507 (3507)
>
> Authoritative answers can be found from:
> usa.com
> nameserver = NS1.mail.com
> ttl = 172410 (172410)
> usa.com
> nameserver = NS2.mail.com
> ttl = 172410 (172410)
> NS1.mail.com
> internet address = 165.251.1.2
> ttl = 172410 (172410)
> NS2.mail.com
> internet address = 165.251.1.3
> ttl = 172410 (172410)
> > set no d2
> Unrecognized command: set no d2
> > set nodebug
> > usa.com
> Server: dnsserver at ourdomain.com
> Address: 127.0.0.2
>
> Non-authoritative answer:
> usa.com preference = 15, mail exchanger = mail-intake-3.mail.com
> usa.com preference = 5, mail exchanger = mail-intake-1.mail.com
> usa.com preference = 10, mail exchanger = mail-intake-2.mail.com
>
> Authoritative answers can be found from:
> usa.com nameserver = NS1.mail.com
> usa.com nameserver = NS2.mail.com
> mail-intake-3.mail.com internet address = 165.251.4.101
> mail-intake-3.mail.com internet address = 165.251.4.102
> mail-intake-3.mail.com internet address = 165.251.4.103
> mail-intake-3.mail.com internet address = 165.251.48.78
> mail-intake-3.mail.com internet address = 165.251.48.79
> mail-intake-3.mail.com internet address = 165.251.48.80
> mail-intake-3.mail.com internet address = 165.251.4.147
> mail-intake-3.mail.com internet address = 165.251.4.100
> mail-intake-1.mail.com internet address = 165.251.4.147
> mail-intake-1.mail.com internet address = 165.251.4.100
> mail-intake-1.mail.com internet address = 165.251.4.101
> mail-intake-1.mail.com internet address = 165.251.4.102
> mail-intake-1.mail.com internet address = 165.251.4.103
> mail-intake-1.mail.com internet address = 165.251.48.78
> mail-intake-1.mail.com internet address = 165.251.48.79
> mail-intake-1.mail.com internet address = 165.251.48.80
> NS1.mail.com internet address = 165.251.1.2
> NS2.mail.com internet address = 165.251.1.3
> > server scooter
> Default Server: dnsserver2 at ourdomain.com
> Address: 127.0.0.3
>
> > usa.com
> Server: dnsserver2 at ourdomain.com
> Address: 127.0.0.3
>
> *** dnsserver2 at ourdomain.com can't find usa.com: Non-existent host/domain
> > set debug
> > usa.com
> Server: dnsserver2 at ourdomain.com
> Address: 127.0.0.3
>
> ;; res_mkquery(0, usa.com, 1, 15)
> ------------
> Got answer:
> HEADER:
> opcode = QUERY, id = 52391, rcode = SERVFAIL
> header flags: response, want recursion, recursion avail.
> questions = 1, answers = 0, authority records = 0, additional =
0
>
> QUESTIONS:
> usa.com, type = MX, class = IN
>
> ------------
> ;; res_mkquery(0, usa.com.ourdomain.com, 1, 15)
> ------------
> Got answer:
> HEADER:
> opcode = QUERY, id = 52392, rcode = NXDOMAIN
> header flags: response, auth. answer, want recursion, recursion
> avail.
> questions = 1, answers = 0, authority records = 1, additional =
0
>
> QUESTIONS:
> usa.com.ourdomain.com, type = MX, class = IN
> AUTHORITY RECORDS:
> -> ourdomain.com
> ttl = 3600 (1H)
> origin = ns1.ourdomain.com
> mail addr = nic-admin.ourdomain.com
> serial = 2000060803
> refresh = 10800 (3H)
> retry = 1800 (30M)
> expire = 604800 (1W)
> minimum ttl = 3600 (1H)
>
> ------------
> *** dnsserver2 at ourdomain.com can't find usa.com: Non-existent host/domain
> > set d2
> > usa.com
> Server: dnsserver2 at ourdomain.com
> Address: 127.0.0.3
>
> ;; res_mkquery(0, usa.com, 1, 15)
> ------------
> SendRequest(), len 25
> HEADER:
> opcode = QUERY, id = 52393, rcode = NOERROR
> header flags: query, want recursion
> questions = 1, answers = 0, authority records = 0, additional =
0
>
> QUESTIONS:
> usa.com, type = MX, class = IN
>
> ------------
> ------------
> Got answer (25 bytes):
> HEADER:
> opcode = QUERY, id = 52393, rcode = SERVFAIL
> header flags: response, want recursion, recursion avail.
> questions = 1, answers = 0, authority records = 0, additional =
0
>
> QUESTIONS:
> usa.com, type = MX, class = IN
>
> ------------
> ;; res_mkquery(0, usa.com.ourdomain.com, 1, 15)
> ------------
> SendRequest(), len 37
> HEADER:
> opcode = QUERY, id = 52394, rcode = NOERROR
> header flags: query, want recursion
> questions = 1, answers = 0, authority records = 0, additional =
0
>
> QUESTIONS:
> usa.com.ourdomain.com, type = MX, class = IN
>
> ------------
> ------------
> Got answer (98 bytes):
> HEADER:
> opcode = QUERY, id = 52394, rcode = NXDOMAIN
> header flags: response, auth. answer, want recursion, recursion
> avail.
> questions = 1, answers = 0, authority records = 1, additional =
0
>
> QUESTIONS:
> usa.com.ourdomain.com, type = MX, class = IN
> AUTHORITY RECORDS:
> -> ourdomain.com
> type = SOA, class = IN, dlen = 38
> ttl = 3600 (1H)
> origin = ns1.ourdomain.com
> mail addr = nic-admin.ourdomain.com
> serial = 2000060803
> refresh = 10800 (3H)
> retry = 1800 (30M)
> expire = 604800 (1W)
> minimum ttl = 3600 (1H)
>
> ------------
> *** dnsserver2 at ourdomain.com can't find usa.com: Non-existent host/domain
> >
More information about the bind-users
mailing list