CACHE Question
Brad Knowles
brad.knowles at skynet.be
Mon Oct 8 17:51:18 UTC 2001
At 11:12 AM -0500 10/8/01, Kris McElroy wrote:
> We are running 9.1.1 on Red Hat Linux 7.1
You need to upgrade. No one should be using BIND 9.1.1 anymore.
If you're going to use BIND 9, you should be running the latest
-RELEASE version, at the very least. At the moment, that would mean
running 9.1.3-REL or 9.2.0rc5.
> We use bind as our
> caching server and have for some time. We have never had any
> problems with it.
Great!
> A customer calls me and says he can't get to
> a particular website. I try to ping it and it comes back unknown
> host. I get on an NT workstation and ping it, nslookup, and still
> no luck.
Try using better DNS debugging tools. Instead of "nslookup", use "dig".
> I did a killall -HUP named and still no luck.
Under no circumstances should you be using signals to communicate
with BIND. Please learn to use the "rndc" command.
> Then I
> restarted name with no luck. The website is
> www.thegospelstation.com and this is the only one that is giving
> me any problems.
I don't have any problems:
dig www.thegospelstation.com. any
; <<>> DiG 9.2.0rc3 <<>> www.thegospelstation.com. any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29188
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.thegospelstation.com. IN ANY
;; ANSWER SECTION:
www.thegospelstation.com. 300 IN A 63.102.200.70
;; Query time: 59 msec
;; WHEN: Mon Oct 8 13:44:01 2001
;; MSG SIZE rcvd: 58
% dig thegospelstation.com. any
; <<>> DiG 9.2.0rc3 <<>> thegospelstation.com. any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62316
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 2, ADDITIONAL: 3
;; QUESTION SECTION:
;thegospelstation.com. IN ANY
;; ANSWER SECTION:
thegospelstation.com. 155836 IN NS NS1.USLIVE.NET.
thegospelstation.com. 155836 IN NS NS2.USLIVE.NET.
thegospelstation.com. 86386 IN SOA NS1.USLIVE.NET.
hostmaster.thegospelstation.com. 2001062012 21600 10800 604800 300
thegospelstation.com. 297 IN MX 0 mail.thegospelstation.com.
;; AUTHORITY SECTION:
thegospelstation.com. 155836 IN NS NS1.USLIVE.NET.
thegospelstation.com. 155836 IN NS NS2.USLIVE.NET.
;; ADDITIONAL SECTION:
NS1.USLIVE.NET. 172672 IN A 63.102.200.4
NS2.USLIVE.NET. 172672 IN A 63.102.204.132
mail.thegospelstation.com. 297 IN A 63.102.200.70
;; Query time: 3 msec
;; WHEN: Mon Oct 8 13:46:08 2001
;; MSG SIZE rcvd: 228
% dig @NS1.USLIVE.NET. thegospelstation.com. any
; <<>> DiG 9.2.0rc3 <<>> @NS1.USLIVE.NET. thegospelstation.com. any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24534
;; flags: qr aa rd; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 3
;; QUESTION SECTION:
;thegospelstation.com. IN ANY
;; ANSWER SECTION:
thegospelstation.com. 86400 IN SOA ns1.uslive.net.
hostmaster.thegospelstation.com. 2001062012 21600 10800 604800 300
thegospelstation.com. 300 IN NS ns1.uslive.net.
thegospelstation.com. 300 IN NS ns2.uslive.net.
thegospelstation.com. 300 IN A 63.102.200.70
thegospelstation.com. 300 IN MX 0 mail.thegospelstation.com.
;; ADDITIONAL SECTION:
ns1.uslive.net. 43200 IN A 63.102.200.4
ns2.uslive.net. 43200 IN A 63.102.204.132
mail.thegospelstation.com. 300 IN A 63.102.200.70
;; Query time: 18 msec
;; WHEN: Mon Oct 8 13:46:35 2001
;; MSG SIZE rcvd: 216
% dig @NS1.USLIVE.NET. www.thegospelstation.com. any
; <<>> DiG 9.2.0rc3 <<>> @NS1.USLIVE.NET. www.thegospelstation.com. any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27588
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.thegospelstation.com. IN ANY
;; ANSWER SECTION:
www.thegospelstation.com. 300 IN A 63.102.200.70
;; Query time: 15 msec
;; WHEN: Mon Oct 8 13:47:08 2001
;; MSG SIZE rcvd: 58
% ping www.thegospelstation.com.
PING www.thegospelstation.com. (63.102.200.70): 56 data bytes
64 bytes from 63.102.200.70: icmp_seq=0 ttl=118 time=16.697 ms
64 bytes from 63.102.200.70: icmp_seq=1 ttl=118 time=13.252 ms
64 bytes from 63.102.200.70: icmp_seq=2 ttl=118 time=20.069 ms
64 bytes from 63.102.200.70: icmp_seq=3 ttl=118 time=21.544 ms
64 bytes from 63.102.200.70: icmp_seq=4 ttl=118 time=17.33 ms
^C
--- www.thegospelstation.com. ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 13.252/17.778/21.544 ms
% doc -v thegospelstation.com
Doc-2.2.3: doc -v thegospelstation.com
Doc-2.2.3: Starting test of thegospelstation.com. parent is com.
Doc-2.2.3: Test date - Mon Oct 8 13:48:27 EDT 2001
soa @a.gtld-servers.net. for com. has serial: 2001100800
soa @b.gtld-servers.net. for com. has serial: 2001100800
soa @c.gtld-servers.net. for com. has serial: 2001100800
soa @d.gtld-servers.net. for com. has serial: 2001100800
soa @e.gtld-servers.net. for com. has serial: 2001100800
soa @f.gtld-servers.net. for com. has serial: 2001100800
soa @g.gtld-servers.net. for com. has serial: 2001100800
soa @h.gtld-servers.net. for com. has serial: 2001100800
soa @i.gtld-servers.net. for com. has serial: 2001100800
soa @j.gtld-servers.net. for com. has serial: 2001100800
soa @k.gtld-servers.net. for com. has serial: 2001100800
soa @l.gtld-servers.net. for com. has serial: 2001100800
soa @m.gtld-servers.net. for com. has serial: 2001100800
SOA serial #'s agree for com. domain
Found 2 NS and 2 glue records for thegospelstation.com.
@a.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com.
@b.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com.
@c.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com.
@d.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com.
@e.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com.
@f.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com.
@g.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com.
@h.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com.
@i.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com.
@j.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com.
@k.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com.
@l.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for thegospelstation.com.
@m.gtld-servers.net. (non-AUTH)
DNServers for com.
=== 0 were also authoritatve for thegospelstation.com.
=== 13 were non-authoritative for thegospelstation.com.
Servers for com. (not also authoritative for thegospelstation.com.)
=== agree on NS records for thegospelstation.com.
NS list summary for thegospelstation.com. from parent (com.) servers
== ns1.uslive.net. ns2.uslive.net.
soa @ns1.uslive.net. for thegospelstation.com. serial: 2001062012
soa @ns2.uslive.net. for thegospelstation.com. serial: 2001062012
SOA serial #'s agree for thegospelstation.com.
Authoritative domain (thegospelstation.com.) servers agree on NS for
thegospelstation.com.
NS list from thegospelstation.com. authoritative servers matches list from
=== parent (com.) servers not authoritative for thegospelstation.com.
Checking 0 potential addresses for hosts at thegospelstation.com.
==
Summary:
No errors or warnings issued for thegospelstation.com.
Done testing thegospelstation.com. Mon Oct 8 13:48:36 EDT 2001
% dnswalk -alF thegospelstation.com.
Checking thegospelstation.com.
Getting zone transfer of thegospelstation.com. from ns1.uslive.net...done.
SOA=ns1.uslive.net contact=hostmaster.thegospelstation.com
WARN: mail.thegospelstation.com A 63.102.200.70: no PTR record
WARN: thegospelstation.com A 63.102.200.70: no PTR record
WARN: www.thegospelstation.com A 63.102.200.70: no PTR record
0 failures, 3 warnings, 0 errors.
DNS Expert
Detailed Report for thegospelstation.com.
10/8/01, 7:50 PM, using the analysis setting "Everything"
======================================================================
Information
----------------------------------------------------------------------
Serial number: 2001062012
Primary name server: ns1.uslive.net.
Primary mail server: mail.thegospelstation.com.
Number of records: 7 (2 NS, 2 MX, 3 A, 0 CNAME, 0 PTR, 0 Other)
Errors
----------------------------------------------------------------------
o The hostmaster address "hostmaster at thegospelstation.com" does not
exist.
None of the mail servers for "thegospelstation.com." recognized
the hostmaster address "hostmaster at thegospelstation.com"
o There is no PTR record for the host "thegospelstation.com."
There is no PTR record available for the host
"thegospelstation.com." which has the IP address 63.102.200.70.
Warnings
----------------------------------------------------------------------
o The Retry field in the SOA record contains an unusually high value
The value 10800 of the Retry field in the SOA record is unusually
high. The value for this field should be within the range 300 -
7200.
o The Minimum TTL field in the SOA record contains an unusually low
value
The value 300 of the Minimum field in the SOA record is unusually
low. The value for this field should be within the range 3600 -
172800.
o The refresh value in the SOA record is too close to the retry value
The value of the Refresh field in the SOA record (currently
21600) should be at least three times bigger than the value of
the Retry field (currently 10800).
o The zone contains more than one A record with the address
63.102.200.70
There is more than one A record in the zone with the IP address
63.102.200.70.
o There is only one MX record in the zone
The zone contains only one MX record. This will cause mail
delivery problems if the primary mail server becomes unavailable.
For safety purposes, there should be two or more mail servers
for every zone, the extra mail servers being used as backup
(secondary) servers for the primary server.
----------------------------------------------------------------------
end of report
--
Brad Knowles, <brad.knowles at skynet.be>
H4sICIFgXzsCA2RtYS1zaWcAPVHLbsMwDDvXX0H0kkvbfxiwVw8FCmzAzqqj1F4dy7CdBfn7
Kc6wmyGRFEnvvxiWQoCvqI7RSWTcfGXQNqCUAnfIU+AT8OZ/GCNjRVlH0bKpguJkxiITZqes
MxwpSucyDJzXxQEUe/ihgXqJXUXwD9ajB6NHonLmNrUSK9nacHQnH097szO74xFXqtlbT3il
wMsBz5cnfCR5cEmci0Rj9u/jqBbPeES1I4PeFBXPUIT1XDSOuutFXylzrQvGyboWstCoQZyP
dxX4dLx0eauFe1x9puhoi0Ao1omEJo+BZ6XLVNaVpWiKekxN0VK2VMpmAy+Bk7ZV4SO+p1L/
uErNRS/qH2iFU+iNOtbcmVt9N16lfF7tLv9FXNj8AiyNcOi1AQAA
More information about the bind-users
mailing list