DNS unable to resolve domain, but works when I go directly to the source DNS

David Botham dns at botham.net
Tue Jul 9 18:08:38 UTC 2002 



> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
> Behalf Of Alex Paransky
> Sent: Tuesday, July 09, 2002 12:20 PM
> To: 
> Subject: DNS unable to resolve domain, but works when I go directly to
the
> source DNS
> 
> 
> I am trying to use a type=forward domain, to offload the processing of
> the lookup from the machine I have no access to, onto my machine which
> I can control.
> 
> In the machine I have no access to (ns5.ceiva.com), I have added a
> type=forward domain with forwarders set to my machine.
> 
> If I now execute dig @ns5.ceiva.com www.myprofiles.com I get a proper
> reply and it appears to be working.
> 
> If I execute dig @206.13.29.12 www.myprofiles.com  (another DNS server
> pacbell in this case), I get a  SERVFAIL status.  With a trace (dig
> @206.13.29.12 www.myprofiles.com +trace) it seems like a query to
> ns5.ceiva.com returns top level domains and NOT www.myprofiles.com.
> 
> com.                    106461  IN      NS      A.GTLD-SERVERS.NET.
> com.                    106461  IN      NS      G.GTLD-SERVERS.NET.
> com.                    106461  IN      NS      H.GTLD-SERVERS.NET.
> <snip>
> ;; Received 469 bytes from 192.216.219.2#53(NS5.CEIVA.com) in 33 ms
> 
> Could someone explain to me, why a direct request to ns5.ceiva.com
> works, but a resolution from a different DNS does not.



Fails either way for me:
[root at nsca1 root]# dig www.myprofiles.com

; <<>> DiG 8.3 <<>> www.myprofiles.com 
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 4
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;;      www.myprofiles.com, type = A, class = IN

;; Total query time: 261 msec
;; FROM: nsca1 to SERVER: default -- 216.154.198.178
;; WHEN: Wed Nov 27 20:14:03 2002
;; MSG SIZE  sent: 36  rcvd: 36

[root at nsca1 root]# dig www.myprofiles.com @ns5.ceiva.com

; <<>> DiG 8.3 <<>> www.myprofiles.com @ns5.ceiva.com 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 6
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;;      www.myprofiles.com, type = A, class = IN

;; Total query time: 95 msec
;; FROM: nsca1 to SERVER: ns5.ceiva.com  192.216.219.2
;; WHEN: Wed Nov 27 20:14:29 2002
;; MSG SIZE  sent: 36  rcvd: 36


> 
> Better yet, how can I accomplish what I am trying to do.  I have no
> administrative access to ns5.ceiva.com, but I still want to be able to
> add/remove entries from my DNS.  I have a DNS of my own, which I can
> control.  What is the proper way to "forward" lookups from
> ns5.ceiva.com to my personal DNS.
> 
> Thanks.
> -AP_

More information about the bind-users mailing list