Adress lookup for authoritative server fails
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Thu Nov 20 22:43:56 UTC 2003
Firstly minolta-qms.de has a broken delegation. The NS RRsets
are not the same in the parent as in the child.
minolta-qms.de. 86400 IN NS ns1.catsys.de.
minolta-qms.de. 86400 IN NS ns2.catsys.de.
;; Received 79 bytes from 81.91.161.5#53(A.NIC.de) in 670 ms
www.minolta-qms.de. 300 IN A 81.89.192.73
minolta-qms.de. 7200 IN NS ns1.megsystems.net.
minolta-qms.de. 7200 IN NS ns2.megsystems.net.
minolta-qms.de. 7200 IN NS ns3.megsystems.net.
;; Received 168 bytes from 81.89.192.67#53(ns1.catsys.de) in 663 ms
Secondly you need to upgrade your nameserver. With the
current configuration the nameserver chaining distance is
to big for your server.
Too lookup minolta-qms.de you have to first lookup catsys.de.
Too lookup catsys.de you have to first lookup megsystems.net.
Looking up megsystems.net uses glue from net.
Old versions of named have a chaining distance of 1. This
was not a problem when nameservers lived in the zones they
served. When the delegation information for minolta-qms.de
is updated to that in the child zone this condition will be
restored.
Mark
> Hi,
>
> i've got a strange problem. There are some domain names that my bind cannot
> resolve. For example, wenn i run "host www.minolta-qms.de", my server does
> the following (tcpdump output):
>
> 16:16:52.742371 zeus2.ba-dresden.de.filenet-tms > e.nic.de.domain: 45759 A?
> ns1.catsys.de. (31) (DF)
> 16:16:52.742371 zeus2.ba-dresden.de.filenet-tms > e.nic.de.domain: 64608 A?
> ns2.catsys.de. (31) (DF)
> 16:16:52.742371 zeus2.ba-dresden.de.filenet-tms > e.nic.de.domain: 34949 A?
> minolta-qms.de. (32) (DF)
> 16:16:52.772371 e.nic.de.domain > zeus2.ba-dresden.de.filenet-tms: 45759-
> 0/3/0 (99) (DF)
> 16:16:52.772371 e.nic.de.domain > zeus2.ba-dresden.de.filenet-tms: 64608-
> 0/3/0 (99) (DF)
> 16:16:52.772371 e.nic.de.domain > zeus2.ba-dresden.de.filenet-tms: 34949-
> 0/2/0 (75) (DF)
> 16:16:52.772371 zeus2.ba-dresden.de.filenet-tms > e.nic.de.domain: 53566 A?
> ns1.catsys.de. (31) (DF)
> 16:16:52.772371 zeus2.ba-dresden.de.filenet-tms > e.nic.de.domain: 63707 A?
> ns2.catsys.de. (31) (DF)
> 16:16:52.802371 e.nic.de.domain > zeus2.ba-dresden.de.filenet-tms: 53566-
> 0/3/0 (99) (DF)
> 16:16:52.802371 e.nic.de.domain > zeus2.ba-dresden.de.filenet-tms: 63707-
> 0/3/0 (99) (DF)
> 16:16:57.742371 zeus2.ba-dresden.de.filenet-tms > e.nic.de.domain: 11212 A?
> ns1.catsys.de. (31) (DF)
> 16:16:57.742371 zeus2.ba-dresden.de.filenet-tms > e.nic.de.domain: 60884 A?
> ns2.catsys.de. (31) (DF)
> 16:16:57.742371 zeus2.ba-dresden.de.filenet-tms > e.nic.de.domain: 57996 A?
> minolta-qms.de. (32) (DF)
> 16:16:57.762371 e.nic.de.domain > zeus2.ba-dresden.de.filenet-tms: 11212-
> 0/3/0 (99) (DF)
> 16:16:57.772371 e.nic.de.domain > zeus2.ba-dresden.de.filenet-tms: 60884-
> 0/3/0 (99) (DF)
> 16:16:57.772371 e.nic.de.domain > zeus2.ba-dresden.de.filenet-tms: 57996-
> 0/2/0 (75) (DF)
> 16:16:57.772371 zeus2.ba-dresden.de.filenet-tms > e.nic.de.domain: 54094 A?
> ns1.catsys.de. (31) (DF)
> 16:16:57.772371 zeus2.ba-dresden.de.filenet-tms > e.nic.de.domain: 27530 A?
> ns2.catsys.de. (31) (DF)
> 16:16:57.802371 e.nic.de.domain > zeus2.ba-dresden.de.filenet-tms: 54094-
> 0/3/0 (99) (DF)
> 16:16:57.802371 e.nic.de.domain > zeus2.ba-dresden.de.filenet-tms: 27530-
> 0/3/0 (99) (DF)
>
> The server gets two authoritative servers for minolta-qms.de: ns1 and
> ns2.catsys.de.
> while querying the ip adresses of these it gets 3 authoritative servernames
> for the
> zone catsys.de, but it doesn't query the adresses of these. The result is
> that i get
> a "non-existent domain" message.
>
> But when i first do e.g. "host ns1.catsys.de" before runnning "host
> www.minolta-qms.de"
> the resulution works. This behaviour does not only occur with this name,
> but with
> every name whose resolution gives me some authoritative servers in the
> first step
> and some authoritative servers, when bind tries to get the adresses of of
> the first
> authoritative servers.
>
> I think there is an error in the configuration, but i don't know what
> exactly the error is.
>
> thx, jan
> --
> Jan Wätzig
> Laboringenieur
> Berufsakademie Dresden
>
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list