Glue records and unable to resolve

Simon Dodd simon.dodd at JOINKLLC.COM
Fri Sep 2 15:49:55 UTC 2005 

We have a customer who reports that she is routinely unable to send mail
to recipients at one specific domain: fenwaygroup.net. The problem seems
to be that our recursors are unable to resolve any records for that
domain name, but the problem seems restricted to this one domain; the
boxes are working just fine for thousands of other customers and
seemingly for every other domain they're asked about. So logic and
reason seem to suggest it has to be a problem on their (Fenway's) end,
but I'm trying to understand exactly what the problem is, so that I can
say definitively that it isn't something we're doing wrong.
 

If do a whois lookup to get their name servers, and if I then query any
of their five name servers, I certainly get an answer:

 

[hostmaster at linux1 master]$ dig @207.115.82.2 mx fenwaygroup.net +short

20 mx2.mastermindpro.com.

10 mx1.mastermindpro.com.

30 mx3.mastermindpro.com.

[hostmaster at linux1 master]$ dig @66.199.187.21 mx fenwaygroup.net +short

30 mx3.mastermindpro.com.

20 mx2.mastermindpro.com.

10 mx1.mastermindpro.com.

[hostmaster at linux1 master]$ dig @207.115.82.5 mx fenwaygroup.net +short

10 mx1.mastermindpro.com.

30 mx3.mastermindpro.com.

20 mx2.mastermindpro.com.

[hostmaster at linux1 master]$ dig @216.163.73.124 mx fenwaygroup.net
+short

20 mx2.mastermindpro.com.

10 mx1.mastermindpro.com.

30 mx3.mastermindpro.com.

[hostmaster at linux1 master]$ dig @66.199.187.22 mx fenwaygroup.net +short

10 mx1.mastermindpro.com.

30 mx3.mastermindpro.com.

20 mx2.mastermindpro.com.

 

The only thing that seems self-consciously wrong is that the NAMES of
their listed name servers don't resolve:

 

[hostmaster at linux1 master]$ dig ZEE.MASTERMINDPRO.COM +short

[hostmaster at linux1 master]$ dig DOUBLEU.MASTERMINDPRO.COM +short

[hostmaster at linux1 master]$ dig EWE.MASTERMINDPRO.COM +short

[hostmaster at linux1 master]$ dig EX.MASTERMINDPRO.COM +short

[hostmaster at linux1 master]$ dig WHY.MASTERMINDPRO.COM +short

 

This is obviously a pretty silly way to have your DNS set up, but to my
understanding of glue records, it shouldn't be a problem - because
surely, when you run a query, the parent zone should return the IP
addresses of the auth name servers (which do respond) not the names? By
reduction alone, this is all I'm left with though:

 

[hostmaster at linux1 master]$ dig mx fenwaygroup.net +trace

 

; <<>> DiG 9.2.1 <<>> mx fenwaygroup.net +trace

;; global options:  printcmd

.                       175241  IN      NS      H.ROOT-SERVERS.NET.

.                       175241  IN      NS      C.ROOT-SERVERS.NET.

.                       175241  IN      NS      G.ROOT-SERVERS.NET.

.                       175241  IN      NS      F.ROOT-SERVERS.NET.

.                       175241  IN      NS      B.ROOT-SERVERS.NET.

.                       175241  IN      NS      J.ROOT-SERVERS.NET.

.                       175241  IN      NS      K.ROOT-SERVERS.NET.

.                       175241  IN      NS      L.ROOT-SERVERS.NET.

.                       175241  IN      NS      M.ROOT-SERVERS.NET.

.                       175241  IN      NS      I.ROOT-SERVERS.NET.

.                       175241  IN      NS      E.ROOT-SERVERS.NET.

.                       175241  IN      NS      D.ROOT-SERVERS.NET.

.                       175241  IN      NS      A.ROOT-SERVERS.NET.

;; Received 436 bytes from 12.109.94.5#53(12.109.94.5) in 6 ms

 

net.                    172800  IN      NS      a.gtld-servers.net.

net.                    172800  IN      NS      g.gtld-servers.net.

net.                    172800  IN      NS      h.gtld-servers.net.

net.                    172800  IN      NS      c.gtld-servers.net.

net.                    172800  IN      NS      i.gtld-servers.net.

net.                    172800  IN      NS      b.gtld-servers.net.

net.                    172800  IN      NS      d.gtld-servers.net.

net.                    172800  IN      NS      l.gtld-servers.net.

net.                    172800  IN      NS      f.gtld-servers.net.

net.                    172800  IN      NS      j.gtld-servers.net.

net.                    172800  IN      NS      k.gtld-servers.net.

net.                    172800  IN      NS      e.gtld-servers.net.

net.                    172800  IN      NS      m.gtld-servers.net.

;; Received 490 bytes from 128.63.2.53#53(H.ROOT-SERVERS.NET) in 37 ms

 

fenwaygroup.net.        172800  IN      NS
doubleu.mastermindpro.com.

fenwaygroup.net.        172800  IN      NS      ewe.mastermindpro.com.

fenwaygroup.net.        172800  IN      NS      ex.mastermindpro.com.

fenwaygroup.net.        172800  IN      NS      why.mastermindpro.com.

fenwaygroup.net.        172800  IN      NS      zee.mastermindpro.com.

;; Received 223 bytes from 192.5.6.30#53(a.gtld-servers.net) in 39 ms

 

dig: Couldn't find server 'doubleu.mastermindpro.com': Name or service
not known

 

Does this not imply that the reason we can't resolve their hostnames is
because they have invalid DNS names for their authoritative name
servers, and if so, how did my understanding of the purpose of glue
records get so far off-track? Or is there another possibility?

 

Regards,

 

Simon Dodd,

Hostmaster,

Joink Internet

 

E: simon.dodd at joinkllc.com

T: +1 (812) 234 5100 x116

F: +1 (812) 234 5144

 

------------------------

"In Critical and baffling situations, it is always best to return to
first principle and simple action" - Sir Winston Churchill

More information about the bind-users mailing list