"no data known" vrs "host not found"

Tue Mar 26 01:28:27 UTC 2002

Barry Margolin wrote:
> 
> In article <a7o8n2$mdh at pub3.rc.vix.com>, admjcd  <admjcd at VOLPE.DOT.GOV> wrote:
> >So your saying the mail server does some weird query to the dns server
> >and the query fails.
> 
> The query isn't particularly weird, but the army.mil servers seem to
> respond incorrectly to it.
> 
[snip of Barry's discussion up to this point]

Barry, your analysis suggests that it would be interesting to know what
MTA is being used by admjcd.  It has been awhile since I administered
sendmail, but it has several DNS lookup tuning options that may have
some bearing on this puzzle.  admjcd can you tell us?  Is it sendmail
and if so what version?

Also, I thought it might be interesting to take a quick 'doc' look at
dot.gov. on the chance that what we are seeing might be related to the
servers listed in the client's /etc/resolv (or the Microsoft (CAM, UUoA)
equivalent).  It looks like there is some work to be done to clean up
dot.gov.

Doc-2.2.3: doc -v -p dot.gov.
Doc-2.2.3: Starting test of dot.gov.   parent is gov.
Doc-2.2.3: Test date - Mon Mar 25 20:06:19 EST 2002
Note: Skipping parent domain testing
Found 5 NS and 3 glue records for dot.gov. @a.root-servers.net.
(non-AUTH)
Using NSlist from parent domain server a.root-servers.net.
NS list summary for dot.gov. from parent (gov.) servers
  == auth120.ns.uu.net. dns1.dot.gov. dns2.dot.gov.
  == nsdc.ba-dsg.net. rns.dot.gov.
soa @auth120.ns.uu.net. for dot.gov. serial: 2000282596
soa @dns1.dot.gov. for dot.gov. serial: 2000282596
soa @dns2.dot.gov. for dot.gov. serial: 2000282596
soa @nsdc.ba-dsg.net. for dot.gov. serial: 2000282572
soa @rns.dot.gov. for dot.gov. serial: 2000282598
WARN: Found 3 unique SOA serial #'s for dot.gov.
Authoritative domain (dot.gov.) servers agree on NS for dot.gov.
ERROR: NS list from dot.gov. authoritative servers does not
  === match NS list from parent (gov.) servers
NS list summary for dot.gov. from authoritative servers
  == dns1.dot.gov. dns2.dot.gov. rns.dot.gov.
ERROR: auth120.ns.uu.net. claims to be authoritative, but does not
appear in
NS list from authoritative servers
ERROR: nsdc.ba-dsg.net. claims to be authoritative, but does not appear
in
NS list from authoritative servers
Checking 2 potential addresses for hosts at dot.gov.
  == 199.79.179.200 199.79.180.25
in-addr PTR record found for 199.79.179.200
in-addr PTR record found for 199.79.180.25
Summary:
   ERRORS found for dot.gov. (count: 3)
   WARNINGS issued for dot.gov. (count: 1)
Done testing dot.gov.  Mon Mar 25 20:06:41 EST 2002

Here is 'doc' for hua.army.mil which at the time of the test looks OK.

Doc-2.2.3: doc -v hua.army.mil.
Doc-2.2.3: Starting test of hua.army.mil.   parent is army.mil.
Doc-2.2.3: Test date - Mon Mar 25 20:18:21 EST 2002
soa @ns01.army.mil. for army.mil. has serial: 10000
soa @ns02.army.mil. for army.mil. has serial: 10000
soa @ns03.army.mil. for army.mil. has serial: 10000
SOA serial #'s agree for army.mil. domain
Found 3 NS and 3 glue records for hua.army.mil. @ns01.army.mil. (AUTH)
Found 3 NS and 3 glue records for hua.army.mil. @ns02.army.mil. (AUTH)
Found 3 NS and 3 glue records for hua.army.mil. @ns03.army.mil. (AUTH)
DNServers for army.mil.
   === 3 were also authoritatve for hua.army.mil.
   === 0 were non-authoritative for hua.army.mil.
Servers for army.mil. that are also authoritative for hua.army.mil.
   === agree on NS records for hua.army.mil.
NS list summary for hua.army.mil. from parent (army.mil.) servers
  == ns01.army.mil. ns02.army.mil. ns03.army.mil.
soa @ns01.army.mil. for hua.army.mil. serial: 10000
soa @ns02.army.mil. for hua.army.mil. serial: 10000
soa @ns03.army.mil. for hua.army.mil. serial: 10000
SOA serial #'s agree for hua.army.mil.
Authoritative domain (hua.army.mil.) servers agree on NS for
hua.army.mil.
NS list from hua.army.mil. authoritative servers matches list from
  === parent (army.mil.) servers also authoritative for hua.army.mil.
Checking 0 potential addresses for hosts at hua.army.mil.
  ==
Summary:
   No errors or warnings issued for hua.army.mil.
Done testing hua.army.mil.  Mon Mar 25 20:18:48 EST 2002