Weird DNS Problems
Simon Hobson
shobson0309 at colony.com
Wed Dec 15 12:24:33 UTC 2004
D McDonald wrote:
>About a week ago we switched the DNS server of our domain
>saturncorp.com to ns.saturncorp.com. It's a redhat
>machine running bind 9.2.3. However it now seems that on some DNS
>servers are unable to resolve some addresses.
>For example on one isp www.saturncorp.com works fine (non-auth), but
>ftp.saturncorp.com doesnt work. It appears
>that some of these servers are running on cache alone, im not sure.
>This is only the second BIND server ive set
>up, and the first was a internal server.
There is some confusion :
$ dig @e.gtld-servers.net saturncorp.com ns
; <<>> DiG 9.2.2 <<>> @e.gtld-servers.net saturncorp.com ns
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60437
;; flags: qr rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 3
;; QUESTION SECTION:
;saturncorp.com. IN NS
;; ANSWER SECTION:
saturncorp.com. 172800 IN NS cbru.br.ns.els-gms.att.net.
saturncorp.com. 172800 IN NS cmtu.mt.ns.els-gms.att.net.
saturncorp.com. 172800 IN NS ns.saturncorp.com.
;; ADDITIONAL SECTION:
cbru.br.ns.els-gms.att.net. 172800 IN A 199.191.128.105
cmtu.mt.ns.els-gms.att.net. 172800 IN A 12.127.16.69
ns.saturncorp.com. 172800 IN A 12.23.213.25
;; Query time: 178 msec
;; SERVER: 192.12.94.30#53(e.gtld-servers.net)
;; WHEN: Wed Dec 15 12:19:13 2004
;; MSG SIZE rcvd: 159
$ dig @12.23.213.25 saturncorp.com ns
; <<>> DiG 9.2.2 <<>> @12.23.213.25 saturncorp.com ns
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24412
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;saturncorp.com. IN NS
;; ANSWER SECTION:
saturncorp.com. 43200 IN NS 12.23.213.25.saturncorp.com.
;; Query time: 130 msec
;; SERVER: 12.23.213.25#53(12.23.213.25)
;; WHEN: Wed Dec 15 12:19:21 2004
;; MSG SIZE rcvd: 59
$ dig @12.127.16.69 saturncorp.com ns
; <<>> DiG 9.2.2 <<>> @12.127.16.69 saturncorp.com ns
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33078
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
;; QUESTION SECTION:
;saturncorp.com. IN NS
;; ANSWER SECTION:
saturncorp.com. 3600 IN NS cbru.br.ns.els-gms.att.net.
saturncorp.com. 3600 IN NS cmtu.mt.ns.els-gms.att.net.
;; ADDITIONAL SECTION:
cbru.br.ns.els-gms.att.net. 86400 IN A 199.191.128.105
cmtu.mt.ns.els-gms.att.net. 86400 IN A 12.127.16.69
;; Query time: 125 msec
;; SERVER: 12.127.16.69#53(12.127.16.69)
;; WHEN: Wed Dec 15 12:19:26 2004
;; MSG SIZE rcvd: 126
It looks like the root nameservers are listing three servers as
handling your domain - and two of those are claiming to be the only
ones handling it.
So what happens is down to luck, ie which nameserver happens to get used.
You need to get cbru.br.ns.els-gms.att.net. and
cmtu.mt.ns.els-gms.att.net. either removed as nameservers for your
domain in the root zone, or get them sorted so they give the same
information out as your server.
However, IIRC, they won't let you list just one server.
Simon
--
NOTE: This is a throw-away email address which will reach me for as
long as it stays spam-free, remove date for real address.
Simon Hobson MA MIEE, Technology Specialist
Colony Gift Corporation Limited
Lindal in Furness, Ulverston, Cumbria, LA12 0LD
Tel 01229 461100, Fax 01229 461101
Registered in England No. 1499611
Regd. Office : 100 New Bridge Street, London, EC4V 6JA.
More information about the bind-users
mailing list