Difference betwen failed request with addit RR and successfull without.

Tue Feb 14 14:03:17 UTC 2006

Hi, there.

I am having a weird problem here. It looks like my DNS server manages to
resolve DNS queries to the internet name servers on fouth attempt. Sniffing
on the local interface I can see three unreplied requests sent to three
different nameservers then a successful one to another one.

It would not be so rare if those first NS were dead, but they were not
since a direct dig to them actually worked (and works).

The only difference among failed and succesfull requests is that failed
requests have a few more flags active, that is:
- Non-authenticated data OK (meaning non-authenticated data is acceptable)
- Additional RRs flag (so there are additional records)

The additional record present (according to ethereal decode of an snoop run
on my dns server) is a type OPT class unknown with the following fields:
- name: <root>
- type: EDNS0 option
- UDP payload size: 2048
- Higher bist in extended RCODE: 0x0
- EDNS version: 0
- Z: 0x0
- Data length: 0
- Data:

It cannot be that the response from the servers arrives late because I run
snoop for quite some time after the test was finished. So, why are requests
without those flasgs active successfull and the others are not.

BTW, those flags were not active on successfull direct requests with dig
agains external dns servers (bypassing mine).

I am running BIND 9.2.3 on this piece of hardware/software:
root at mvicprb01b16 # uname -a
SunOS mvicprb01b16 5.9 Generic_118558-10 sun4u sparc SUNW,Serverblade1

I can provide with the snoop file to read with ethereal if requested, but I
do not feel I shoudl be posting a binary file here. :)

Thanks a lot

---
Jose Angel Martinez
TME - Direccion de servicios de valor añadido
joseangel.martinezdelavara at telefonica.es
680011327
629805447

___________________________________________________________________________

Este mensaje se dirige exclusivamente a su destinatario y puede contener
información privilegiada o confidencial. Si no es vd. el destinatario
indicado, queda notificado de que la lectura, utilización, divulgación y/o
copia sin autorización está prohibida en virtud de la legislación vigente.
Si ha recibido este mensaje por error, le rogamos que nos lo comunique
inmediatamente por esta misma vía y proceda a su destrucción.

El correo electrónico vía Internet no permite asegurar la confidencialidad
de los mensajes que se transmiten ni su integridad o correcta recepción.
Telefónica no asume ninguna responsabilidad por estas circunstancias.

This message is intended exclusively for its addressee and may contain
information that is CONFIDENTIAL and protected by a professional privilege
or whose disclosure is prohibited by law.If you are not the intended
recipient you are hereby notified that any read, dissemination, copy or
disclosure of this communication is strictly prohibited by law. If this
message has been received in error, please immediately notify us via e-mail
and delete it.

Internet e-mail neither guarantees the confidentiality nor the integrity or
proper receipt of the messages sent. Telefónica does not assume any
liability for those circumstances.
___________________________________________________________________________