named quits resolving certain domains

Thu Jan 25 00:29:51 UTC 2001

ns1.triton.net answers non-authoritatively with a constant TTL, suggesting that it
may be a master which is failing to load its master zone, probably due to a syntax
error in the zone file.

ns2.triton.net answers non-authoritatively with a declining TTL, suggesting that
it is not functioning either as a master or a slave (possibly the zone expired).

- Kevin

Barry Margolin wrote:

> In article <94mvbp$r4t at pub3.rc.vix.com>, mike miller  <mikem at ndtel.com> wrote:
> >;; res_nmkquery(QUERY, triton.net, IN, A)
> >------------
> >Got answer:
> >    HEADER:
> >        opcode = QUERY, id = 41604, rcode = SERVFAIL
> >        header flags:  response, want recursion, recursion avail.
> >        questions = 1,  answers = 0,  authority records = 0,  additional
> >= 0
> >
> >    QUESTIONS:
> >        triton.net, type = A, class = IN
> >
> >------------
> >;; res_nmkquery(QUERY, triton.net.stellarnet.com, IN, A)
> >------------
> >Got answer:
> >    HEADER:
> >        opcode = QUERY, id = 41605, rcode = NXDOMAIN
> >        header flags:  response, auth. answer, want recursion, recursion
> >avail.
> >        questions = 1,  answers = 0,  authority records = 1,  additional
> >= 0
> >
> >    QUESTIONS:
> >        triton.net.stellarnet.com, type = A, class = IN
> >    AUTHORITY RECORDS:
> >    ->  stellarnet.com
> >        ttl = 86400 (1D)
> >        origin = ns.stellarnet.com
> >        mail addr = hostmaster.stellarnet.com
> >        serial = 199902043
> >        refresh = 10800 (3H)
> >        retry   = 3600 (1H)
> >        expire  = 604800 (1W)
> >        minimum ttl = 86400 (1D)
> >
> >------------
> >*** ns1.stellarnet.com can't find triton.net: Non-existent host/domain
> >
> >Why does it say triton.net.stellarnet.com when its only triton.net.  I
>
> It first tried just triton.net and get a SERVFAIL error code.  When it
> can't find a name as given, it then tries looking it up with the default
> domain appended.
>
> >then did a dig on triton.net and it produced the following:
> >[root at ns1 named]# dig triton.net
> >
> >; <<>> DiG 8.2 <<>> triton.net
> >;; res options: init recurs defnam dnsrch
> >;; got answer:
> >;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
> >;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
> >;; QUERY SECTION:
> >;;      triton.net, type = A, class = IN
> >
> >;; ANSWER SECTION:
> >triton.net.             13h10m45s IN A  209.172.0.5
> >
> >;; AUTHORITY SECTION:
> >triton.net.             1d20h57m7s IN NS  NS2.triton.net.
> >triton.net.             1d20h57m7s IN NS  NS1.triton.net.
> >
> >;; ADDITIONAL SECTION:
> >NS2.triton.net.         1d20h57m7s IN A  209.172.0.8
> >NS1.triton.net.         1d20h57m7s IN A  209.172.0.5
> >
> >;; Total query time: 1 msec
> >;; FROM: ns1.stellarnet.com to SERVER: default -- 205.198.5.2
> >;; WHEN: Wed Jan 24 10:15:31 2001
> >;; MSG SIZE  sent: 28  rcvd: 112
> >
> >Then I did another nslookup and it worked???
> >very confusing??
>
> It looks like the problem is that ns2.triton.net is misconfigured, as it is
> not authoritative for the triton.net domain.  So if your local server
> happens to ask ns1, it will get an answer, but if it asks ns2 it may or may
> not get an answer, depending on whether ns2 happens to have the answer
> cached.  If the answer isn't cached it will return a SERVFAIL error code,
> and your local server will return that to you.
>
> --
> Barry Margolin, barmar at genuity.net
> Genuity, Burlington, MA
> *** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
> Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.