difference in nslookup

Armin Safarians armin.safarians at safeway.com
Tue Jul 9 14:46:36 UTC 2002 

Kevin:
	I checked the response with snoop looking at specific queries
coming from this server. As I mentioned, using dig the same result is
seen. It tries the two server on the forwarders list and once it fails
to get the response back, it then looks at the second entry in the
resolv.conf file which is my secondary server and since it work, it
finally goes through. 
	So at the time of the problem, the server does not receive its
queries back. I'm about to upgrade to a later version of BIND. May be
this will disappear with that upgrade..?? Not hopeful though.

AMS :-) 

-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
Behalf Of Kevin Darcy
Sent: Monday, July 08, 2002 5:27 PM
To: 'bind users'
Subject: Re: difference in nslookup


Armin Safarians wrote:

> Quick one here.
>
> In a split DNS environment that I run here, when I do an nslookup
> yahoo.com, my internal DNS server forward the query to the external
ones
> and so on. Here once in a while this process fails to where snoop
shows
> the query go from the client to the internal dns and then onto the
> external ones, the response however  coming back never gets to the
> internal dns from the external ones. I get a Error 2(Server Failed)
> message. This consistently only happens on one of the internal systems
> and not the other one.
>
> In troubleshooting here is what I have seen that is odd.
>
> Internal>     nslookup hostname.mydomain.com            OK
> Internl>              nslookup yahoo.com                        Fails.
>
> Internal>  nslookup
> Server externalhost.mydoamin.com
>
> Yahoo.com                       OK.
>
> So, the question is, what is a difference between doing an nslookup
> yahoo and letting the forwarders do  the forwarding, versus nslookup,
> setting the server to the external servers and then looking up yahoo.
> Hope this makes sense.

Well, are you *sure* that nslookup is reporting SERVFAIL on the same
name you queried? One of nslookup's many quirks is that it sometimes
misreports errors. I'm suspecting that nslookup is timing out on the
original query, and then "search"ing using your default domain or your
searchlist, e.g. looking up yahoo.com.example.com. It might be getting a
SERVFAIL for that, and reporting it as a SERVFAIL for the original
query. Turn on debugging to see if this is the case.

Or just use "dig" instead, so you don't have to deal with this
nonsense...

 
- Kevin





"WorldSecure Server <safeway.com>" made the following
 annotations on 07/09/02 08:45:02
------------------------------------------------------------------------------
Warning: 
All e-mail sent to this address will be received by the Safeway corporate e-mail system, and is subject to archival and review by someone other than the recipient.  This e-mail may contain information proprietary to Safeway and is intended only for the use of the intended recipient(s).  If the reader of this message is not the intended recipient(s), you are notified that you have received this message in error and that any review, dissemination, distribution or copying of this message is strictly prohibited.  If you have received this message in error, please notify the sender immediately. 
  

==============================================================================

More information about the bind-users mailing list