named quits resolving certain domains

mike miller mikem at ndtel.com
Fri Jan 26 16:48:16 UTC 2001 

The description: 3 production name server hosting approximately 100
zones, set up as a master and 2 slaves.
The master is a sun sparc running bind 8.2.2.p7 locally compiled, while
the two slaves are intel redhat 5.2 and 7.0 running bind 8.2.2.p7
installed from redhat RPM
A 4th non-production server sitting behind a firewall running intel
redhat 5.2 and bind 8.2.2.p7 form an RPM.

The Problem:
All three production servers are having the same problem.  They can't
resolve certain domains, while off site server and the non production
server can.

output from nslookup -debug from the master production server:

[root at ndtc3500 named]# nslookup -debug beckett.com
;; res_nmkquery(QUERY, 10.65.74.209.in-addr.arpa, IN, PTR)
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 36042, rcode = NOERROR
        header flags:  response, auth. answer, want recursion, recursion
avail.
        questions = 1,  answers = 1,  authority records = 3,  additional
= 3

    QUESTIONS:
        10.65.74.209.in-addr.arpa, type = PTR, class = IN
    ANSWERS:
    ->  10.65.74.209.in-addr.arpa
        name = ns.stellarnet.com
        ttl = 86400 (1D)
    AUTHORITY RECORDS:
    ->  65.74.209.in-addr.arpa
        nameserver = ns.stellarnet.com
        ttl = 86400 (1D)
    ->  65.74.209.in-addr.arpa
        nameserver = ns1.stellarnet.com
        ttl = 86400 (1D)
    ->  65.74.209.in-addr.arpa
        nameserver = ns2.stellarnet.com
        ttl = 86400 (1D)
    ADDITIONAL RECORDS:
    ->  ns.stellarnet.com
        internet address = 209.74.65.10
        ttl = 86400 (1D)
    ->  ns1.stellarnet.com
        internet address = 205.198.5.2
        ttl = 86400 (1D)
    ->  ns2.stellarnet.com
        internet address = 209.74.65.15
        ttl = 86400 (1D)

------------
Server:  ns.stellarnet.com
Address:  209.74.65.10

;; res_nmkquery(QUERY, beckett.com, IN, A)
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 36043, rcode = SERVFAIL
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 0,  additional
= 0

    QUESTIONS:
        beckett.com, type = A, class = IN

------------


output from the non production server:

[root at test named]# nslookup -debug beckett.com
;; res_nmkquery(QUERY, 254.61.36.192.in-addr.arpa, IN, PTR)
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 20728, rcode = NOERROR
        header flags:  response, auth. answer, want recursion, recursion
avail.
        questions = 1,  answers = 1,  authority records = 1,  additional
= 1

    QUESTIONS:
        254.61.36.192.in-addr.arpa, type = PTR, class = IN
    ANSWERS:
    ->  254.61.36.192.in-addr.arpa
        name = test.test.com
        ttl = 86400 (1D)
    AUTHORITY RECORDS:
    ->  61.36.192.in-addr.arpa
        nameserver = test.test.com
        ttl = 86400 (1D)
    ADDITIONAL RECORDS:
    ->  test.test.com
        internet address = 192.36.61.254
        ttl = 86400 (1D)

------------
Server:  test.test.com
Address:  192.36.61.254

;; res_nmkquery(QUERY, beckett.com, IN, A)
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 20729, rcode = NOERROR
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 1,  authority records = 2,  additional
= 2

    QUESTIONS:
        beckett.com, type = A, class = IN
    ANSWERS:
    ->  beckett.com
        internet address = 206.104.70.2
        ttl = 19227 (5h20m27s)
    AUTHORITY RECORDS:
    ->  beckett.com
        nameserver = S.NS.VERIO.NET
        ttl = 170427 (1d23h20m27s)
    ->  beckett.com
        nameserver = NS1.beckett.com
        ttl = 170427 (1d23h20m27s)
    ADDITIONAL RECORDS:
    ->  S.NS.VERIO.NET
        internet address = 192.67.14.15
        ttl = 170427 (1d23h20m27s)
    ->  NS1.beckett.com
        internet address = 206.104.70.199
        ttl = 170427 (1d23h20m27s)

------------
Non-authoritative answer:
Name:    beckett.com
Address:  206.104.70.2


I have looked at the named.conf files and haven't found anything
strange.  We are not using forwards, the master and one slave are on one
network while the other slave is on a separate network. The non
production box is behind a firewall on another network.  I have stoped
and started named many times on all 4 servers with the same results.  If
any one has any ideas I would greatly appreciate the help.  The reason I
found the problem is because the mail server is complaining about so
many unresolvable domains.  The problem seems to have started after we
replaced an old redhat 5.2 box with the sun sparc box.  We did this by
moving the ip address of the redhat box to the sparc box so we wouldn't
have to change any of the network solutions name server information. 
Since then the DNS has been flaky.

Mike

More information about the bind-users mailing list