Troubles with bind resolving zip4.usps.com
Joseph S D Yao
jsdy at center.osis.gov
Thu Aug 4 01:33:29 UTC 2005
On Wed, Aug 03, 2005 at 04:29:32PM -0700, spork.sporkman at gmail.com wrote:
> This one's got me stumped. I've had no problems resolving this on
> boxes that run dnscache locally, but my bind boxes are giving me no
> answers, nothing in the logs.
>
> BIND version 9.2.3rc4
> Both FreeBSD 4.x and Linux 2.4.x
>
> This is a subdomain delegated by the usps.com nameservers. Here's what
> dig tells me:
...
> root at nameserver[~]# dig @56.0.82.25 zip4.usps.com
>
> ; <<>> DiG 8.3 <<>> @56.0.82.25 zip4.usps.com
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
> ;; QUERY SECTION:
> ;; zip4.usps.com, type = A, class = IN
>
> ;; AUTHORITY SECTION:
> zip4.usps.com. 1H IN NS nseag.usps.com.
> zip4.usps.com. 1H IN NS nssam.usps.com.
>
> ;; ADDITIONAL SECTION:
> nseag.usps.com. 1H IN A 56.0.133.232
> nssam.usps.com. 1H IN A 56.0.65.232
>
> ;; Total query time: 81 msec
> ;; FROM: nameserver.xxx.net to SERVER: 56.0.82.25 56.0.82.25
> ;; WHEN: Wed Aug 3 19:26:09 2005
> ;; MSG SIZE sent: 31 rcvd: 103
...
Note that the NS records are in the AUTHORITY section, and there is no
ANSWER section! The name server is somehow not delegating, but is aware
of the name server. I can't quite think how one could misconfigure BIND
to do this, but it may not be a BIND name server.
In any case, without the ANSWERs, you're not going to get a response.
OBTW, I've seen your Web comic. ;-)
--
Joe Yao
-----------------------------------------------------------------------
This message is not an official statement of OSIS Center policies.
More information about the bind-users
mailing list