max-ncache-ttl

Fri Nov 9 21:22:49 UTC 2001

The mailq shows host name lookup failures. Some of the domains are valid but
no MX record.  

How can I tell?

Below are cache dumps from different times. The first two are from our
Internal DNS servers that that handle all external DNS queries. At that
particular point in time both DNS server could find the Domain, the NS, A
and MX records. The third one is from the same server as #1 but at a
different time. What does the LAME= mean? I was not able to lookup the A
record or the MX record.

1. From DNS server #1
samsung 3656    IN  NS nic.samsung.co.kr.      ;Cr=answer [203.255.234.103]
        3656    IN  NS red.samsung.co.kr.      ;Cr=answer [203.255.234.103]
        3656    IN  NS green.samsung.co.kr.    ;Cr=answer [203.255.234.103]
        43161   IN  A  203.254.192.15          ;Cr=answer [203.241.135.135]
        57675   IN  MX 0 imail00.samsung.co.kr.;Cr=answer [203.241.135.135]

2. From DNS server #2
samsung 2203    IN  NS nic.samsung.co.kr.      ;Cr=addtnl [203.248.240.141]
        2203    IN  NS red.samsung.co.kr.      ;Cr=addtnl [203.248.240.141]
        2203    IN  NS green.samsung.co.kr.    ;Cr=addtnl [203.248.240.141]
        43169   IN  A  203.254.192.15          ;Cr=answer [203.241.135.130]
        43188   IN  MX 0 imail00.samsung.co.kr.;Cr=answer [203.241.135.130]

3. From DNS server #1 At a different time
samsung 3138 IN NS nic.samsung.co.kr.  ;Cr=addtnl LAME=158 [203.255.234.103]
        3138 IN NS red.samsung.co.kr.  ;Cr=addtnl LAME=157 [203.255.234.103]
        3138 IN NS green.samsung.co.kr.;Cr=addtnl LAME=158 [203.255.234.103]

Performing a nslookup in debug mode I get the following. The below lookups
gave me results #3 above.  What does the SERVFAIL really mean?  This has
been an intermittent issue for the past month or so.

Thanks for your help

RCE

> samsung.co.kr.
Server:  rootdns1.agere.com
Address:  192.19.192.98

;; res_nmkquery(QUERY, samsung.co.kr, IN, A)
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 27819, rcode = SERVFAIL
        header flags:  response, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        samsung.co.kr, type = A, class = IN

------------
*** rootdns1.agere.com can't find samsung.co.kr.: Server failed
> set type=mx
> samsung.co.kr.         
Server:  rootdns1.agere.com
Address:  192.19.192.98

;; res_nmkquery(QUERY, samsung.co.kr, IN, MX)
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 44586, rcode = SERVFAIL
        header flags:  response, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        samsung.co.kr, type = MX, class = IN

------------
*** rootdns1.agere.com can't find samsung.co.kr.: Server failed

> set type=any
> samsung.co.kr.               
Server:  rootdns1.agere.com
Address:  192.19.192.98

;; res_nmkquery(QUERY, samsung.co.kr, IN, ANY)
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 44587, rcode = NOERROR
        header flags:  response, want recursion
        questions = 1,  answers = 3,  authority records = 3,  additional = 3

    QUESTIONS:
        samsung.co.kr, type = ANY, class = IN
    ANSWERS:
    ->  samsung.co.kr
        nameserver = nic.samsung.co.kr
        ttl = 3205 (53m25s)
    ->  samsung.co.kr
        nameserver = red.samsung.co.kr
        ttl = 3205 (53m25s)
    ->  samsung.co.kr
        nameserver = green.samsung.co.kr
        ttl = 3205 (53m25s)
    AUTHORITY RECORDS:
    ->  samsung.co.kr
        nameserver = nic.samsung.co.kr
        ttl = 3205 (53m25s)
    ->  samsung.co.kr
        nameserver = red.samsung.co.kr
        ttl = 3205 (53m25s)
    ->  samsung.co.kr
        nameserver = green.samsung.co.kr
        ttl = 3205 (53m25s)
    ADDITIONAL RECORDS:
    ->  nic.samsung.co.kr
        internet address = 203.241.132.34
        ttl = 299 (4m59s)
    ->  red.samsung.co.kr
        internet address = 203.241.135.130
        ttl = 54764 (15h12m44s)
    ->  green.samsung.co.kr
        internet address = 203.241.135.135
        ttl = 48523 (13h28m43s)

------------
Non-authoritative answer:
samsung.co.kr
        nameserver = nic.samsung.co.kr
        ttl = 3205 (53m25s)
samsung.co.kr
        nameserver = red.samsung.co.kr
        ttl = 3205 (53m25s)
samsung.co.kr
        nameserver = green.samsung.co.kr
        ttl = 3205 (53m25s)

Authoritative answers can be found from:
samsung.co.kr
        nameserver = nic.samsung.co.kr
        ttl = 3205 (53m25s)
samsung.co.kr
        nameserver = red.samsung.co.kr
        ttl = 3205 (53m25s)
samsung.co.kr
        nameserver = green.samsung.co.kr
        ttl = 3205 (53m25s)
nic.samsung.co.kr
        internet address = 203.241.132.34
        ttl = 299 (4m59s)
red.samsung.co.kr
        internet address = 203.241.135.130
        ttl = 54764 (15h12m44s)
green.samsung.co.kr
        internet address = 203.241.135.135
        ttl = 48523 (13h28m43s)

Looks good here!

-----Original Message-----
From: Simon Waters [mailto:Simon at wretched.demon.co.uk] 
Sent: Friday, November 09, 2001 12:31 PM
To: undisclosed-recipients; undisclosed-recipients;
@isc.org at alerelay.agere.com
Subject: Re: max-ncache-ttl

"England, Robert" wrote:
> 
> If decreasing the time for the negative cache is not a good thing, any
ideas
> of what I can do to help us resolve the domain names. We have mail that
sits
> in the queues. We have a current db.cache file. Could the problems be
> Internet Latency?

What Barry is saying is that the symptom you describe is because
the domains or DNS are set up wrong, and may have nothing to do
with the server that is resolving them. If you have high
latency, you fail to get an answer, this isn't cached (Although
BIND remembers if a server is particularly slow in responding so
it can try others first).

NXDOMAIN is only cached if something tells you that a domain
doesn't exist. So reducing max-ncache-ttl may help you requery
one of the servers that is working correctly, but it doesn't fix
the broken servers.

Mail sitting in queues should be a DIFFERENT problem, and not
caused by NXDOMAIN responses.

If I mail fred at nonesuchdomain.com I get an NXDOMAIN from one of
the GTLD-SERVERS.NET.
Immediately my mailer gives up and says;

<fred at nonesuchdomain.com>: Name service error for
nonesuchdomain.com: Host not found

Why would a mailer hang on to mail for a domain that doesn't
exist? It can never be delivered? (Unless someone registers
nonesuchdomain.com, and sets the DNS up shortly after you sent
the message ;).

Are you sure your getting NXDOMAIN, and not some other error?
What does "mailq" show?