Bind9 - Can't ping domain sometimes

Kevin Darcy kcd at daimlerchrysler.com
Thu Dec 11 22:44:32 UTC 2003 

Gary Mayor wrote:

>Hi,
>I've got bind9 running with about 30 domains. Now sometimes it seems 
>fine but sometimes i can't access my domains from my location but i can 
>if i go here,
>http://www.dapyxis.com/support/ping.php
>If i do a ping test there it works all the time but i can't access my 
>domains from my home machine. The only way i can do it is to change the 
>nameservers it uses when it connects to the net. If i change the 
>nameservers to the ip address of my server machine i can then access the 
>domains. One in particular is onebm.com. I've setup smtp with sendmail 
>and if i use smtp.onebm.com with the normal nameservers of the isp it 
>doesn't work but if i change them to my machine it works. This is the 
>same with all my domains it's not just the smtp if i use www.onebm.com 
>it still doesn't work. If i do a dnsreport
>http://www.dnsreport.com/tools/dnsreport.ch?domain=onebm.com
>Everything seems ok apart from a couple of warns but sometimes i do a 
>dns report and it can't connect to the domain.
>
>I've also setup nameservers for onebm.com. ns1.onebm.com and 
>ns2.onebm.com. Now after pointing a load of domains at the those 
>nameservers some work all the time some work sometimes and some couldn't 
>validate the ip address of the nameserver change.
>
>It seems unreliable so what is going on here. I'm on a servermatrix 
>dedicated server and when i use there nameservers everything is fine.
>
Here are your zone contents:

% dig onebm.com axfr @ns1.onebm.com

; <<>> DiG 9.2.2rc1 <<>> onebm.com axfr @ns1.onebm.com
;; global options: printcmd
onebm.com. 38400 IN SOA 69.56.188.6. onebm.com. 2003111224 10800 3600 
604800 38400
onebm.com. 38400 IN NS ns1.onebm.com.
onebm.com. 38400 IN NS ns2.onebm.com.
onebm.com. 38400 IN MX 5 mail.onebm.com.
onebm.com. 38400 IN A 69.56.188.6
ftp.onebm.com. 38400 IN A 69.56.188.6
mail.onebm.com. 38400 IN PTR onebm.com.onebm.com.
mail.onebm.com. 38400 IN A 69.56.188.6
smtp.onebm.com. 38400 IN A 69.56.188.6
www.onebm.com. 38400 IN A 69.56.188.6
onebm.com. 38400 IN SOA 69.56.188.6. onebm.com. 2003111224 10800 3600 
604800 38400
;; Query time: 42 msec
;; SERVER: 69.56.188.6#53(ns1.onebm.com)
;; WHEN: Thu Dec 11 17:32:45 2003
;; XFR size: 12 records

%

A few things:

1. The MNAME field of the SOA record is set to the name (as opposed to 
the address) "69.56.188.6"
2. The RNAME field of the SOA record contains "onebm.com", which would 
get interpreted as the email address "onebm at com" (hint: the first dot in 
the RNAME field gets converted to a @ when constructing the email address).
3. I'm unsure of the purpose of the PTR record named "mail.onebm.com" 
(usually PTR records are owned by in-addr.arpa names).
4. No A records in your zone for ns1.onebm.com and ns2.onebm.com.
5. According to the glue records from the .com servers, ns1.onebm.com 
and ns2.onebm.com resolve to the same IP address. This is quite likely 
to cause intermittent resolution problems: anytime that one nameserver 
hiccups, your entire zone goes off the air. The purpose of requiring 2 
nameservers for every zone is REDUNDANCY. It's not just some arbitrary 
restriction...

- Kevin

More information about the bind-users mailing list