DNS client failing to query a particular domain only.
Bill Larson
wllarso at swcp.com
Fri Mar 31 20:03:45 UTC 2006
On Mar 31, 2006, at 6:02 AM, Manjunath H N wrote:
> A client of our company is not able to query any DNS records for our
> domain, I tried troubleshooting at my end & confirmed that there was no
> error at our end.
It would REALLY help if you would tell us the domain in question. I'm
guessing that you are referring to "mphasis.com" but don't know this
for sure.
Anyway, I don't see any connectivity problems getting information about
the "mphasis.com" domain. This domain is delegated to
"dns.mpahsis.com", "dns1.mphasis.com", "ns1.eldocomp.com", and
"ns2.eldocomp.com". But, dns1.mphasis.com is returning a different
serial number than the other servers. This server also reports back a
different set of authoritative servers than the others. It looks like
dns1 hasn't performed a zone transfer to sync itself with the master
server.
> I somehow managed to get access to one of the machines in their network
> & when I try to query for any DNS RR or simple name lookup for our
> domain, it gives DNS Timed out error, so I thought it could be a
> problem
> with their DNS & I did a lookup using other name servers on the same
> client machine, but still getting the same DNS Timed out errors. I also
> tried increasing the querying time to 10 seconds, but that did not help
> much either.
>
> Also he claims that our records don't exist on Root Servers, which is
> not true.
Try running "dig mphasis.com soa +trace". This will return a list of
the servers that are queried for this information, including the root
servers, GTLD servers, and the authoritative "mphasis.com" servers.
This should tell you where the query is failing.
> And because of this they are not able to send mails to my domain, as it
> gives DNS Query failure.
>
> I am not sure what DNS they are using, so don't know whether it is
> patched correctly or not.
They could have a very broken DNS service.
> Could this be because of Cache poisoning ?? I am going to have a call
> with the team today & try to analyze what else could be the problem.
Could be, but without further information, who knows. The "dig...
+trace" command should be able to identify this type of problem. If
there is cache poisoning you will see unusual servers being queried
along the way. The servers MAY have the same name, so you will also
have to check the IP addresses of the servers too.
Bill Larson
More information about the bind-users
mailing list