Wrong Data in remote DNS cache

Kevin Darcy kcd at daimlerchrysler.com
Fri Aug 22 21:47:46 UTC 2003


Philipp Morger wrote:

> Hi list
>
> Sorry for the lame subject, but the problem is a little bit complex...
>
> We have a secondary MX, where remote DNS have wrong entries... let me
> show you
>
> Which NS we ask:
> ;; QUESTION SECTION:
> ;easynet.ch.                    IN      NS
>
> ;; ANSWER SECTION:
> easynet.ch.             85197   IN      NS      ns1.ch.easynet.net.
> easynet.ch.             85197   IN      NS      zermatt.ns.ch.easynet.net.
> easynet.ch.             85197   IN      NS      ns0.ch.easynet.net.
>
> --($:~)--  dig lexx.zh.as8758.net @ns0.ch.easynet.net
>
> ; <<>> DiG 9.2.2 <<>> lexx.zh.as8758.net @ns0.ch.easynet.net
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45254
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 5
>
> ;; QUESTION SECTION:
> ;lexx.zh.as8758.net.            IN      A
>
> ;; ANSWER SECTION:
> lexx.zh.as8758.net.     258778  IN      A       212.25.28.4
>
> ;; AUTHORITY SECTION:
> as8758.net.             85434   IN      NS      dns.dolphins.ch.
> as8758.net.             85434   IN      NS      lexx.zh.as8758.net.
> as8758.net.             85434   IN      NS      moya.glb.as8758.net.
>
> --($:~)--  dig lexx.zh.as8758.net @ns1.ch.easynet.net
>
> ; <<>> DiG 9.2.2 <<>> lexx.zh.as8758.net @ns1.ch.easynet.net
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53276
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 5
>
> ;; QUESTION SECTION:
> ;lexx.zh.as8758.net.            IN      A
>
> ;; ANSWER SECTION:
> lexx.zh.as8758.net.     208527  IN      A       212.25.28.4
>
> ;; AUTHORITY SECTION:
> as8758.net.             24787   IN      NS      dns.dolphins.ch.
> as8758.net.             24787   IN      NS      lexx.zh.as8758.net.
> as8758.net.             24787   IN      NS      moya.glb.as8758.net.
>
> --($:~)-- dig lexx.zh.as8758.net @zermatt.ns.ch.easynet.net
>
> ; <<>> DiG 9.2.2 <<>> lexx.zh.as8758.net @zermatt.ns.ch.easynet.net
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3075
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 5
>
> ;; QUESTION SECTION:
> ;lexx.zh.as8758.net.            IN      A
>
> ;; ANSWER SECTION:
> lexx.zh.as8758.net.     171584  IN      A       212.28.25.4
>
> ;; AUTHORITY SECTION:
> as8758.net.             344384  IN      NS      lexx.zh.as8758.net.
> as8758.net.             344384  IN      NS      moya.glb.as8758.net.
> as8758.net.             344384  IN      NS      dns.dolphins.ch.
>
> please note, that the 3rd lookup returns 212.28.25.4 instead of 212.25.28.4
>
> I searched all the dns-files on all our 3 dns... nothing...
> I made 100 lookups on every dns.. every time I got the right response
>
> This phenomenon was seen on colt, easynet and some others... as for colt they
> use BIND8, same version on 2 dns, one had it right and one wrong...
>
> Versions installed here:
>
> dig @dns.dolphins.ch version.bind chaos txt
> version.bind.           0       CH      TXT     "9.2.2"
> dig @lexx.zh.as8758.net version.bind chaos txt
> VERSION.BIND.           0       CH      TXT     "8.3.1-REL"
> dig @moya.glb.as8758.net version.bind chaos txt
> version.bind.           0       CH      TXT     "9.2.2"
>
> Due to the nature of the error I suspect that the fault is on our site,
> but I can't imagine what's the problem - BIND8 runs there for ages,
> we never had problems with it.. one bind9 server is running for a year, without
> problems, the other bind9 (slave) we installed 2 months ago... the wrong lookups
> started 2-3 weeks ago, I almost consider the new dns the problem, but it's the same version
> as the master server - and I have no proof.... Honestly, I'm clueless... and I hate that.
> So any advice is highly welcome!
> So any advice is highly welcome!

It's the servers for "net" that have a stale "glue" record for lexx.zh.as8758.net:

% dig lexx.zh.as8758.net. @a.gtld-servers.net.

; <<>> DiG 8.3 <<>> lexx.zh.as8758.net. @a.gtld-servers.net.
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr rd; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 2
;; QUERY SECTION:
;;      lexx.zh.as8758.net, type = A, class = IN

;; ANSWER SECTION:
lexx.zh.as8758.net.     2D IN A         212.28.25.4

;; AUTHORITY SECTION:
as8758.net.             2D IN NS        dns.dolphins.ch.
as8758.net.             2D IN NS        dns.as8758.net.
as8758.net.             2D IN NS        moya.glb.as8758.net.

;; ADDITIONAL SECTION:
dns.as8758.net.         2D IN A         212.25.28.4
moya.glb.as8758.net.    2D IN A         212.25.28.35

;; Total query time: 48 msec
;; FROM: fwiod01.is.chrysler.com to SERVER: a.gtld-servers.net.  192.5.6.30
;; WHEN: Fri Aug 22 17:24:28 2003
;; MSG SIZE  sent: 36  rcvd: 154

%

Presumably there's a glue record because lexx.zh.as8758.net is a nameserver for some
domain. Normally you'd go through your registrar to get a delegated nameserver's address
changed.


- Kevin
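
The comparison made by hand in this thread, as an added example that is not part of either poster's message: it parses the answer lines quoted above (both the numeric TTLs and the `2D` form printed by dig 8.3), lists the servers returning an unexpected address, and checks whether a cached TTL could have come from the glue. The function names and the TTL heuristic are assumptions of this example.

```python
import re
from collections import defaultdict

# A-record answer lines copied from the dig output in this thread, keyed by queried server.
ANSWERS = {
    "ns0.ch.easynet.net":        "lexx.zh.as8758.net.     258778  IN      A       212.25.28.4",
    "ns1.ch.easynet.net":        "lexx.zh.as8758.net.     208527  IN      A       212.25.28.4",
    "zermatt.ns.ch.easynet.net": "lexx.zh.as8758.net.     171584  IN      A       212.28.25.4",
    "a.gtld-servers.net":        "lexx.zh.as8758.net.     2D IN A         212.28.25.4",
}
NAME = "lexx.zh.as8758.net"
EXPECTED = "212.25.28.4"   # address the original poster treats as correct
UNITS = {"S": 1, "M": 60, "H": 3600, "D": 86400, "W": 604800}
RR = re.compile(r"^(\S+)\s+(\S+)\s+IN\s+A\s+(\d{1,3}(?:\.\d{1,3}){3})$", re.I)

def ttl_seconds(text):
    """Accept plain seconds ('171584') or the unit form old dig prints ('2D')."""
    if text.isdigit():
        return int(text)
    parts = re.findall(r"(\d+)([SMHDW])", text.upper())
    if not parts or "".join(n + u for n, u in parts) != text.upper():
        raise ValueError(f"unrecognised TTL: {text!r}")
    return sum(int(n) * UNITS[u] for n, u in parts)

def a_records(dig_text, name):
    """Return [(ttl_seconds, address)] for A records owned by `name`."""
    found = []
    for line in dig_text.splitlines():
        m = RR.match(line.strip())   # ';' comment and question lines never match
        if m and m.group(1).rstrip(".").lower() == name.rstrip(".").lower():
            found.append((ttl_seconds(m.group(2)), m.group(3)))
    return found

def disagreeing(answers, name, expected):
    """Map each unexpected address to the [(server, ttl)] pairs returning it."""
    odd = defaultdict(list)
    for server, text in answers.items():
        for ttl, addr in a_records(text, name):
            if addr != expected:
                odd[addr].append((server, ttl))
    return dict(odd)

def fits_origin(cached_ttl, origin_ttl):
    """Heuristic: a cache counts down from the TTL it received, so it cannot show more."""
    return cached_ttl <= origin_ttl

if __name__ == "__main__":
    for server, ttl in disagreeing(ANSWERS, NAME, EXPECTED)["212.28.25.4"]:
        print(server, ttl, fits_origin(ttl, ttl_seconds("2D")))
```

On the thread's data, zermatt's remaining TTL (171584) is below the 2D glue TTL, while the two servers returning 212.25.28.4 show TTLs above it.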



