Unexpected "REFUSED" response.

Kevin Darcy kcd at daimlerchrysler.com
Tue May 18 00:15:49 UTC 2004 

Neil W Rickert wrote:

>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Kevin Darcy <kcd at daimlerchrysler.com> writes:
>  
>
>>Neil W Rickert wrote:
>>    
>>
>
>  
>
>>>A query from off-campus resulted in the unexpected:
>>>      
>>>
>
>  
>
>>>;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 65093
>>>;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>>>      
>>>
>
>  
>
>>>;; QUESTION SECTION:
>>>;max.niu.edu.                   IN      A
>>>      
>>>
>
>[lots of snippage]
>
>  
>
>>I'd speculate that the authoritative servers for forlangs.net are 
>>blocking (or, to put it another way, not permitting) queries from the 
>>mp.cs.niu.edu server, or whatever forwarders it's using, if applicable. 
>>    
>>
>
>No.  The logs on mp.cs.niu.edu indicate show that the request was
>denied there.
>
>  
>
>>                                      When you queried from "on-campus" 
>>the queries were coming from some other nameserver which presumably is 
>>    
>>
>
>No, this query was also to mp.cs.niu.edu, demonstrating that the
>servers for forlangs.net are not blocking access.
>
Well, I guess I'm kinda stumped then. You're not using "view"s, are you? 
If so, maybe there's some other zone definition for niu.edu in a 
different view that you overlooked. Also, were you reloading the zone at 
the time of the bad query? Maybe the internal data structures were in an 
inconsistent state and it gave a REFUSED response just to be on the safe 
side. I'm just grasping at straws...

One thing that confuses me, though, is that that nameserver's response 
for the name is completely different now:

% dig max.niu.edu @mp.cs.niu.edu

; <<>> DiG 9.2.2rc1 <<>> max.niu.edu @mp.cs.niu.edu
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20478
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4

;; QUESTION SECTION:
;max.niu.edu.                   IN      A

;; ANSWER SECTION:
max.niu.edu.            86400   IN      A       131.156.124.238

;; AUTHORITY SECTION:
niu.edu.                86400   IN      NS      mp.cs.niu.edu.
niu.edu.                86400   IN      NS      dns1.cso.uiuc.edu.
niu.edu.                86400   IN      NS      netmgr.cso.niu.edu.
niu.edu.                86400   IN      NS      netmgrts.cso.niu.edu.

;; ADDITIONAL SECTION:
mp.cs.niu.edu.          86400   IN      A       131.156.68.41
mp.cs.niu.edu.          86400   IN      A       131.156.145.41
netmgr.cso.niu.edu.     86400   IN      A       131.156.1.11
netmgrts.cso.niu.edu.   86400   IN      A       131.156.126.2

;; Query time: 23 msec
;; SERVER: 131.156.68.41#53(mp.cs.niu.edu)
;; WHEN: Mon May 17 20:09:42 2004
;; MSG SIZE  rcvd: 205

%

What happened to the max.forlangs.net CNAME?

                                                                         
            - Kevin

More information about the bind-users mailing list