intermittent resolving errors
Kelly Scroggins
kelly at cliffhanger.com
Fri Nov 16 20:21:48 UTC 2001
I am experiencing a problem I can't solve. I hope
someone here with more Bind expertise can help me.
My internal name server (bind 8.x on Linux) is
resolving names intermittently. Sometimes I can
run an nslookup on a Internet server such as
www.yahoo.com, or www.google.com and it will
return an error. Then another try will return the
correct information.
This internal name server is the master of our
internal zones, and is configured to forward
queries to outside (our ISPs) name servers.
Here's an example of an nslookup failure:
C:\>nslookup www.yahoo.com
Server: ns1.my-domain.com
Address: 192.168.1.2
*** ns1.my-domain.com can't find www.yahoo.com: Non-existent domain
I've also captured some packets of this error.
I've included a packet that shows an error below.
The most interesting thing about this is that the
name being queried is intermittently appended with
"my-domain.com". As if it's in one of my local
zone files and does not have the 'trailing dot' at
the end of the RR.
i.e.,
www.yahoo.com.my-domain.com: type A, class inet
Name: www.yahoo.com.my-domain.com
Here's the capture :
-- sniff trace begins --
Frame 168 (91 on wire, 91 captured)
Arrival Time: Nov 15, 2001 11:29:44.9564
Time delta from previous packet: 0.000000 seconds
Frame Number: 168
Packet Length: 91 bytes
Capture Length: 91 bytes
Ethernet II
Destination: 00:a0:c9:89:92:57 (00:a0:c9:89:92:57)
Source: 00:10:5a:20:1d:86 (00:10:5a:20:1d:86)
Type: IP (0x0800)
Internet Protocol
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..00 = Currently Unused: 0
Total Length: 77
Identification: 0x4e64
Flags: 0x00
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x1670 (correct)
Source: cald.my-domain.com (192.168.1.1)
Destination: ns1.my-domain.com (192.168.1.2)
User Datagram Protocol
Source port: 4881 (4881)
Destination port: domain (53)
Length: 57
Checksum: 0xf25e
Domain Name System (query)
Transaction ID: 0x1537
Flags: 0x0100 (Standard query)
0... .... .... .... = Query
.000 0... .... .... = Standard query
.... ..0. .... .... = Message is not truncated
.... ...1 .... .... = Do query recursively
.... .... ...0 .... = Non-authenticated data is unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
www.yahoo.com.my-domain.com: type A, class inet
Name: www.yahoo.com.my-domain.com
Type: Host address
Class: inet
Frame 169 (157 on wire, 157 captured)
Arrival Time: Nov 15, 2001 11:29:44.9570
Time delta from previous packet: 0.000629 seconds
Frame Number: 169
Packet Length: 157 bytes
Capture Length: 157 bytes
Ethernet II
Destination: 00:10:5a:20:1d:86 (00:10:5a:20:1d:86)
Source: 00:a0:c9:89:92:57 (00:a0:c9:89:92:57)
Type: IP (0x0800)
Internet Protocol
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..00 = Currently Unused: 0
Total Length: 143
Identification: 0x0362
Flags: 0x00
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x6130 (correct)
Source: ns1.my-domain.com (192.168.1.2)
Destination: cald.my-domain.com (192.168.1.1)
User Datagram Protocol
Source port: domain (53)
Destination port: 4881 (4881)
Length: 123
Checksum: 0x0d95
Domain Name System (response)
Transaction ID: 0x1537
Flags: 0x8583 (Standard query response, Name error)
1... .... .... .... = Response
.000 0... .... .... = Standard query
.... .1.. .... .... = Server is an authority for domain
.... ..0. .... .... = Message is not truncated
.... ...1 .... .... = Do query recursively
.... .... 1... .... = Server can do recursive queries
.... .... ..0. .... = Answer/authority portion was not autenticated by the server
.... .... .... 0011 = Name error
Questions: 1
Answer RRs: 0
Authority RRs: 1
Additional RRs: 0
Queries
www.yahoo.com.my-domain.com: type A, class inet
Name: www.yahoo.com.my-domain.com
Type: Host address
Class: inet
Authoritative nameservers
my-domain.com: type SOA, class inet, mname ns1.my-domain.com
Name: my-domain.com
Type: Start of zone of authority
Class: inet
Time to live: 1 day
Data length: 37
Primary name server: ns1.my-domain.com
Responsible authority's mailbox: hostmaster.my-domain.com
Serial number: 2001111203
Refresh interval: 3 hours
Retry interval: 1 hour
Expiration limit: 7 days
Minimum TTL: 1 day
-- sniff trace ends --
More information about the bind-users
mailing list