Oddness with a query

[Barry Margolin]

In article <9lgqrg$ch2 at pub3.rc.vix.com>,
Duncan Hill  <dhill at cricalix.net> wrote:
>
>I may be in the wrong place here, and if so, please point me in the
>right direction.
>
>I have a system that is suddenly failing in DNs related activities
>(lookups).  dig fails, postfix fails, telnet fails.  nslookup works - go
>figure.
>
>A tcpdump parsed through ethereal indicates:
>(dig)
>Standard query A www.pct.edu
>Standard query response CNAME mayer.pct.edu A 12.23.198.64
>Destination unreachable.
> - Dig reports timeout.

What was the dig command that you typed?  The ethereal output seems to
indicate that the proper response came back, so it's strange that dig
reported a timeout.

>(nslookup)
>Standard query A www.pct.edy
>Standard query PTR 4.112.206.167.in-addr.arpa
>Standard query response PTR ns4.srv.hcvlny.cv.net
>Standard query A www.pct.edu
>Standard query response CNAME mayer.pct.edu A 12.23.198.64
> - nslookup returns a value.
>
>I'm stumped as to why the destination unreachable is occuring.  I can
>provide the actual dump if anyone thinks it will be useful.

That might be helpful.  In conjunction with DNS queries, a common reason
for destination unreachable is an answer arriving after the client has
timed out.  When the client closes the socket, the port becomes
unreachable, and the host will generate an ICMP Destination Unreachable -
Port Unreachable in response to the answer packet.

So what may have happened is that the first query took a long time to
resolve, and dig timed out.  But when you tried again using nslookup, the
answer was in your ISP's nameserver's cache, and it succeeded.

-- 
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.