named quits resolving certain domains

Kevin Darcy kcd at daimlerchrysler.com
Thu Jan 25 01:40:52 UTC 2001 

Those off-site nameservers are probably getting occasional SERVFAILs as you are, but
once they get a good answer, they cache it. Since they're probably being hit more often
for those names than your servers, the answer is more likely to already be in their
cache at any particular point in time.

Another factor is that named is somewhat adaptive -- for instance, it will, under some
circumstances, mark another nameserver as "lame" and not use it for a while. So, even
in the absence of a cached answer, a busier nameserver may have a better "track
record" of other nameservers and therefore be better equipped to resolve a given query.


- Kevin

Mike Miller wrote:

> so all of my problems seem to not be my problems??? I am just wondering
> why off site name server will answer to some of these problem domains when
> mine will not???
>
> On Wed, 24 Jan 2001, Kevin Darcy wrote:
>
> >
> > ns1.triton.net answers non-authoritatively with a constant TTL, suggesting that it
> > may be a master which is failing to load its master zone, probably due to a syntax
> > error in the zone file.
> >
> > ns2.triton.net answers non-authoritatively with a declining TTL, suggesting that
> > it is not functioning either as a master or a slave (possibly the zone expired).
> >
> >
> > - Kevin
> >
> > Barry Margolin wrote:
> >
> > > In article <94mvbp$r4t at pub3.rc.vix.com>, mike miller  <mikem at ndtel.com> wrote:
> > > >;; res_nmkquery(QUERY, triton.net, IN, A)
> > > >------------
> > > >Got answer:
> > > >    HEADER:
> > > >        opcode = QUERY, id = 41604, rcode = SERVFAIL
> > > >        header flags:  response, want recursion, recursion avail.
> > > >        questions = 1,  answers = 0,  authority records = 0,  additional
> > > >= 0
> > > >
> > > >    QUESTIONS:
> > > >        triton.net, type = A, class = IN
> > > >
> > > >------------
> > > >;; res_nmkquery(QUERY, triton.net.stellarnet.com, IN, A)
> > > >------------
> > > >Got answer:
> > > >    HEADER:
> > > >        opcode = QUERY, id = 41605, rcode = NXDOMAIN
> > > >        header flags:  response, auth. answer, want recursion, recursion
> > > >avail.
> > > >        questions = 1,  answers = 0,  authority records = 1,  additional
> > > >= 0
> > > >
> > > >    QUESTIONS:
> > > >        triton.net.stellarnet.com, type = A, class = IN
> > > >    AUTHORITY RECORDS:
> > > >    ->  stellarnet.com
> > > >        ttl = 86400 (1D)
> > > >        origin = ns.stellarnet.com
> > > >        mail addr = hostmaster.stellarnet.com
> > > >        serial = 199902043
> > > >        refresh = 10800 (3H)
> > > >        retry   = 3600 (1H)
> > > >        expire  = 604800 (1W)
> > > >        minimum ttl = 86400 (1D)
> > > >
> > > >------------
> > > >*** ns1.stellarnet.com can't find triton.net: Non-existent host/domain
> > > >
> > > >Why does it say triton.net.stellarnet.com when its only triton.net.  I
> > >
> > > It first tried just triton.net and get a SERVFAIL error code.  When it
> > > can't find a name as given, it then tries looking it up with the default
> > > domain appended.
> > >
> > > >then did a dig on triton.net and it produced the following:
> > > >[root at ns1 named]# dig triton.net
> > > >
> > > >; <<>> DiG 8.2 <<>> triton.net
> > > >;; res options: init recurs defnam dnsrch
> > > >;; got answer:
> > > >;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
> > > >;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
> > > >;; QUERY SECTION:
> > > >;;      triton.net, type = A, class = IN
> > > >
> > > >;; ANSWER SECTION:
> > > >triton.net.             13h10m45s IN A  209.172.0.5
> > > >
> > > >;; AUTHORITY SECTION:
> > > >triton.net.             1d20h57m7s IN NS  NS2.triton.net.
> > > >triton.net.             1d20h57m7s IN NS  NS1.triton.net.
> > > >
> > > >;; ADDITIONAL SECTION:
> > > >NS2.triton.net.         1d20h57m7s IN A  209.172.0.8
> > > >NS1.triton.net.         1d20h57m7s IN A  209.172.0.5
> > > >
> > > >;; Total query time: 1 msec
> > > >;; FROM: ns1.stellarnet.com to SERVER: default -- 205.198.5.2
> > > >;; WHEN: Wed Jan 24 10:15:31 2001
> > > >;; MSG SIZE  sent: 28  rcvd: 112
> > > >
> > > >Then I did another nslookup and it worked???
> > > >very confusing??
> > >
> > > It looks like the problem is that ns2.triton.net is misconfigured, as it is
> > > not authoritative for the triton.net domain.  So if your local server
> > > happens to ask ns1, it will get an answer, but if it asks ns2 it may or may
> > > not get an answer, depending on whether ns2 happens to have the answer
> > > cached.  If the answer isn't cached it will return a SERVFAIL error code,
> > > and your local server will return that to you.
> > >
> > > --
> > > Barry Margolin, barmar at genuity.net
> > > Genuity, Burlington, MA
> > > *** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
> > > Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
> >
> >
> >
> >
> >

More information about the bind-users mailing list