Unable to lookup host.. mystified

Kevin Darcy kcd at daimlerchrysler.com
Wed Oct 11 01:58:03 UTC 2000 

YUCK!

polysort.com doesn't answer authoritatively for either virtual1.com or
twinsisters.com.

beast.virtual1.com is listed as the *only* NS record for both of those domains,
so effectively that's the only nameserver that folks will use for those domains
once they have those NS records cached. If that nameserver becomes unavailable,
then tough luck. They've created a single point of failure.

They have also committed a big no-no by not including beast.virtual1.com in the
delegations for either domain. This bogosity is masked somewhat by the fact
that the NS record for virtual1.com has a TTL of 0, but then that's just plain
anti-social...

The negative cache entry is for "www.twinsisters.com.private", so it's no
surprise that the root servers claimed non-existence. You are apparently using
a brain-dead lookup tool like "nslookup" that automatically does
"searching" when an initial name lookup fails, and you apparently also have
your default domain or searchlist set to "private". Use something better, like
"dig". Moreover, you apparently aren't blocking the "private" TLD from being
forwarded to the Internet for resolution. Please correct this. The root servers
don't need bogus traffic like this.


- Kevin

Dan Roberts wrote:

> I'm tracking an unusual problem right now with the domain of one of my
> customers. The nameservers listed at netsol are VIRTUAL1.COM and
> POLYSORT.COM.  Both hosts are pingable and I can perform lookups just fine
> using them.  The problem comes when my nameserver wants to resolve
> www.twinsisters.com.  It replies with the correct IP when looking up just
> twinsisters.com, but with www.twinsisters.com, it sits for about 10 seconds
> then gives up with the message *** darcy.gwis.com can't find
> www.twinsisters.com: Non-existent host/domain.  I dumped my DB, but
> unfortunately can't make heads or tails of it.
>
> These are the two entries that seem to deal with twinsisters:
>
> $ORIGIN twinsisters.com.private.
> ;www    4580    IN      SOA     A.ROOT-SERVERS.NET.
> hostmaster.nsiregistry.NET. (
> ;               2000101000 1800 900 604800 86400 );.;NXDOMAIN   ;-$
> ;Cr=auth
>
> twinsisters
>         65290   IN      NS      beast.virtual1.com.     ;Cr=auth
>         65290   IN      A       38.223.248.121  ;Cr=auth
>
> Unfortunately, I don't understand how to interpret this..  my intuition is
> telling me that we had a problem resolving www at some point and now we're
> subject to a negative cache entry.  The customer says that this happens with
> regularity though, so I'd like to get a handle on what's causing the problem
> in the first place.
>
> Any ideas?  Thanks in advance!

More information about the bind-users mailing list