Strange domain issues - waterco.com.my

Clenna Lumina savagebeaste at yahoo.com
Mon Jun 4 06:12:57 UTC 2007 

I get this:

$ dig @ns1.waterco.com.my waterco.com.my mx
;; reply from unexpected source: 60.51.231.186#1077, expected 
60.51.231.186#53
;; reply from unexpected source: 60.51.231.186#1077, expected 
60.51.231.186#53
;; reply from unexpected source: 60.51.231.186#1077, expected 
60.51.231.186#53

; <<>> DiG 9.3.4 <<>> @ns1.waterco.com.my waterco.com.my mx
; (1 server found)
;; global options:  printcmd
;; connection timed out; no servers could be reached


It seems to me the problem is the query goes to ns1.waterco.com.my 
[60.51.231.186] port 53, BUT comes back from the same host on port 1077.

The moral: Bind doesn't like port to/from mismatches. This is probably a 
host behind a router/firewall.

Adding this to the options { } block should fix it, if the NAT is 
configured to preserve the original source port of an outgoing packet:

options {
   query-source: address * port 53;
};

The address can be an ip of a specific interface too.


Dawn Connelly wrote:
> Try digging at the IP address of their DNS server rather than at it's
> name. That appears to be working. I was noticing a lot of
> latency...at least from where I was querying. It might be that when
> you query against the name rather than the IP it's taking too long to
> resolve that and to resolve the query you are making so it's timing
> out.
> What exactly does the bounce back say? It might be that it's
> rejecting the inbound email because you don't have a PTR record or
> something like that. There are lots of things that email could be
> looking at when it comes to DNS.
>
> On 5/24/07, Elias <elias at streamyx.com> wrote:
>>
>> Hi guys,
>> We've been unable to send mails to waterco.com.my and mails always
>> bounce back saying that its a DNS issue. Digging further, we can get
>> a response via 'dig waterco.com.my' but no responses via 'dig
>> @ns1.waterco.com.my waterco.com.my mx' or 'dig @ns2.waterco.com.my
>> waterco.com.my mx'. Is
>> there any logic to this? We seem to think that its probably some
>> weird firewall issue but have no experience troubleshooting these
>> cases.
>>
>> # dig waterco.com.my mx
>>
>> ; <<>> DiG 9.4.0 <<>> waterco.com.my mx
>> ;; global options:  printcmd
>> ;; Got answer:
>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1197
>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
>>
>> ;; QUESTION SECTION:
>> ;waterco.com.my.                        IN      MX
>>
>> ;; ANSWER SECTION:
>> waterco.com.my.         3600    IN      MX      10 mx.waterco.com.my.
>>
>> ;; AUTHORITY SECTION:
>> waterco.com.my.         3597    IN      NS      ns2.waterco.com.my.
>> waterco.com.my.         3597    IN      NS      ns1.waterco.com.my.
>>
>> ;; ADDITIONAL SECTION:
>> mx.waterco.com.my.      3600    IN      A       60.51.231.187
>>
>> ;; Query time: 14 msec
>> ;; SERVER: 127.0.0.1#53(127.0.0.1)
>> ;; WHEN: Thu May 24 20:16:10 2007
>> ;; MSG SIZE  rcvd: 103
>>
>>
>> # dig @ns1.waterco.com.my waterco.com.my mx
>>
>> ; <<>> DiG 9.4.0 <<>> @ns1.waterco.com.my waterco.com.my mx
>> ; (1 server found)
>> ;; global options:  printcmd
>> ;; connection timed out; no servers could be reached
>>
>>
>> I've contacted the domain owner but they seem to say that
>> everything's alright at their end. Can anybody help verify if you
>> guys are also seing the same thing? Any assistance rendered is
>> greatly appreciated. Thanks!



-- 
. Alfred Z. Newmane .

More information about the bind-users mailing list