Strange results with dig, this one is wacky!

Sat Feb 16 03:06:21 UTC 2002

I don't understand what you mean "not going to the main nameservers". The
name resolves fine when you point dig at the "main nameservers", right? It
returns SERVFAIL when you point it at your local nameserver, right? The
problem is your local nameserver. As I said, look in the logs to see what is
wrong. Or, check your firewall/NAT configuration (presumably you're using a
firewall and/or NAT since 192.168.1.2 is a private address) and/or routing
configuration to verify that your nameserver can communicate with Internet
nameservers.

- Kevin

Lists User wrote:

> Ok, that was a bad example. I agree.....
>
> But I still can't get a dig on lilzeus.net.  It's not
> going to the main nameservers.
>
> On Fri, 15 Feb 2002, Kevin Darcy wrote:
>
> >
> > What old data? You're getting a SERVFAIL response from your local server
> > (192.168.1.2), not data, old or otherwise. SERVFAIL means your local
> > server is hosed somehow. There should be something in your logs
> > indicating why.
> >
> >
> > - Kevin
> >
> > Lists User wrote:
> >
> > > I would appreciate any help is this problem.  It doesn't
> > > seem to make sense at all.
> > >
> > > This is regarding the domain: lilzeus.net
> > >
> > > When I do a dig to see which nameserver is reponsible I see
> > > ns1 and ns2.dnsmadeeasy.com.
> > >
> > > >> dig lilzeus.net NS @A.GTLD-SERVERS.NET.
> > > ; <<>> DiG 9.2.0 <<>> lilzeus.net NS @A.GTLD-SERVERS.NET.
> > > ;; global options:  printcmd
> > > ;; Got answer:
> > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51486
> > > ;; flags: qr rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
> > > ;; QUESTION SECTION:
> > > ;lilzeus.net.                   IN      NS
> > > ;; ANSWER SECTION:
> > > lilzeus.net.            172800  IN      NS      NS2.DNSMADEEASY.COM.
> > > lilzeus.net.            172800  IN      NS      NS1.DNSMADEEASY.COM.
> > > ;; ADDITIONAL SECTION:
> > > NS2.DNSMADEEASY.COM.    172800  IN      A       64.50.168.188
> > > NS1.DNSMADEEASY.COM.    172800  IN      A       64.50.168.187
> > >
> > > When I do a dig @ns1.dnsmadeeasy.com it resolves appropriately.
> > >
> > > >> dig lilzeus.net NS @ns1.dnsmadeeasy.com
> > > ; <<>> DiG 9.2.0 <<>> lilzeus.net NS @ns1.dnsmadeeasy.com
> > > ;; global options:  printcmd
> > > ;; Got answer:
> > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58900
> > > ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
> > > ;; QUESTION SECTION:
> > > ;lilzeus.net.                   IN      NS
> > > ;; ANSWER SECTION:
> > > lilzeus.net.            10800   IN      NS      ns1.dnsmadeeasy.com.
> > > lilzeus.net.            10800   IN      NS      ns2.dnsmadeeasy.com.
> > > ;; ADDITIONAL SECTION:
> > > ns2.dnsmadeeasy.com.    81621   IN      A       64.50.168.188
> > > ;; Query time: 4 msec
> > > ;; SERVER: 64.50.168.187#53(ns1.dnsmadeeasy.com)
> > > ;; WHEN: Fri Feb 15 17:21:00 2002
> > > ;; MSG SIZE  rcvd: 96
> > >
> > > But when I do a dig without specifying a domain I get nothing!
> > >
> > > >> dig lilzeus.net NS
> > > ; <<>> DiG 9.2.0 <<>> lilzeus.net NS
> > > ;; global options:  printcmd
> > > ;; Got answer:
> > > ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 44799
> > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> > > ;; QUESTION SECTION:
> > > ;lilzeus.net.                   IN      NS
> > > ;; Query time: 216 msec
> > > ;; SERVER: 192.168.1.2#53(192.168.1.2)
> > > ;; WHEN: Fri Feb 15 17:27:41 2002
> > > ;; MSG SIZE  rcvd: 29
> > >
> > > Is the old data being cached?
> >
> >