+trace works on domain that gives SERVFAIL normally
Mark Andrews
Mark_Andrews at isc.org
Fri Mar 30 02:45:12 UTC 2007
> It gets stuff, but still SERVFAIL
>
> [root at monet1 etc]# rndc flush && dig www.getfirebug.com
>
> ; <<>> DiG 9.2.4 <<>> www.getfirebug.com
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 19879
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;www.getfirebug.com. IN A
>
> ;; Query time: 0 msec
> ;; SERVER: 10.10.10.25#53(10.10.10.25)
> ;; WHEN: Thu Mar 29 15:54:30 2007
> ;; MSG SIZE rcvd: 36
>
> [aclark at monet1 aclark]$ sudo tcpdump -n host 74.52.85.194 or host
> 74.52.85.195
> tcpdump: listening on eth0
> 15:54:30.507599 10.10.10.20.55671 > 74.52.85.195.domain: 3699 [1au] A?
> www.getfirebug.com. (47) (DF)
> 15:54:30.707371 74.52.85.195.domain > 10.10.10.20.55671: 3699*- 2/2/3
> CNAME getfirebug.com., (153) (DF)
OK named accepted the CNAME
> 15:54:30.707609 10.10.10.20.55671 > 74.52.85.194.domain: 8633 [1au] A?
> getfirebug.com. (43) (DF)
> 15:54:30.907549 74.52.85.194.domain > 10.10.10.20.55671: 8633*- 1/2/3 A
> 74.52.85.194 (135) (DF)
Note: dig was talking to 10.10.10.25, tcpdump was showing traffic
from 10.10.10.20. Also dig reported 0 ms whereas the rtt to
the servers is ~200ms.
What is in /etc/resolv.conf?
> -----Original Message-----
> From: Mark_Andrews at isc.org [mailto:Mark_Andrews at isc.org]
> Sent: Thursday, 29 March 2007 3:41 PM
> To: Adam Clark
> Cc: bind-users at isc.org
> Subject: Re: +trace works on domain that gives SERVFAIL normally
>
>
> > I actually took a trace of this :)
>
> And what did it report?
>
> Good through put should look something like this.
>
> drugs# tcpdump -n host 74.52.85.194 or host 74.52.85.195
> tcpdump: verbose output suppressed, use -v or -vv for full protocol
> decode listening on bge0, link-type EN10MB (Ethernet), capture size 96
> bytes
> 15:30:23.670126 IP 192.168.191.236.15072 > 74.52.85.195.53: 47771%
> [1au] AAAA? getfirebug.com. (43)
> 15:30:23.861721 IP 74.52.85.195.53 > 192.168.191.236.15072: 47771*-
> 0/1/1 (100)
>
>
> > -----Original Message-----
> > From: Mark_Andrews at isc.org [mailto:Mark_Andrews at isc.org]
> > Sent: Thursday, 29 March 2007 3:30 PM
> > To: Adam Clark
> > Cc: bind-users at isc.org
> > Subject: Re: +trace works on domain that gives SERVFAIL normally
> >
> >
> > Run "tcpdump -n host 74.52.85.194 or host 74.52.85.195" and
> > see if you are getting reply traffic to named's requests.
> >
> > > I am still exhibiting the same problem and have had a few people
> > > email
> >
> > > me directly to see if I had a solution.
> > >
> > > Which I don't.
> > >
> > > System is RedHat Enterprise Linux 3, all updates applied
> > >
> > > [aclark at monet1 aclark]$ uname -a
> > > Linux monet1.ngv.vic.gov.au 2.4.21-47.0.1.ELsmp #1 SMP Fri Oct 13
> > > 17:56:20 EDT 2006 i686 i686 i386 GNU/Linux
> > >
> > > [aclark at monet1 aclark]$ named -v
> > > BIND 9.2.4
> > >
> > > [aclark at monet1 aclark]$ rpm -q -a | grep bind
> > > bind-libs-9.2.4-20.EL3
> > > bind-9.2.4-20.EL3
> > > bind-utils-9.2.4-20.EL3
> > > bind-chroot-9.2.4-20.EL3
> > >
> > > New example:
> > > [root at monet1 aclark]# rndc flush
> > > [root at monet1 aclark]# dig www.getfirebug.com
> > >
> > > ; <<>> DiG 9.2.4 <<>> www.getfirebug.com ;; global options:
> > > printcmd ;; Got answer:
> > > ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 18888 ;; flags:
>
> > > qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> > >
> > > ;; QUESTION SECTION:
> > > ;www.getfirebug.com. IN A
> > >
> > > ;; Query time: 219 msec
> > > ;; SERVER: 10.10.10.20#53(10.10.10.20) ;; WHEN: Thu Mar 29 14:13:42
> > > 2007 ;; MSG SIZE rcvd: 36
> > >
> > > [root at monet1 aclark]# dig +trace www.getfirebug.com
> > >
> > > ; <<>> DiG 9.2.4 <<>> +trace www.getfirebug.com ;; global options:
> > > printcmd
> > > . 518389 IN NS b.root-servers.net.
> > > . 518389 IN NS c.root-servers.net.
> > > . 518389 IN NS d.root-servers.net.
> > > . 518389 IN NS e.root-servers.net.
> > > . 518389 IN NS f.root-servers.net.
> > > . 518389 IN NS g.root-servers.net.
> > > . 518389 IN NS h.root-servers.net.
> > > . 518389 IN NS i.root-servers.net.
> > > . 518389 IN NS j.root-servers.net.
> > > . 518389 IN NS k.root-servers.net.
> > > . 518389 IN NS l.root-servers.net.
> > > . 518389 IN NS m.root-servers.net.
> > > . 518389 IN NS a.root-servers.net.
> > > ;; Received 244 bytes from 10.10.10.20#53(10.10.10.20) in 0 ms
> > >
> > > com. 172800 IN NS I.GTLD-SERVERS.NET.
> > > com. 172800 IN NS J.GTLD-SERVERS.NET.
> > > com. 172800 IN NS K.GTLD-SERVERS.NET.
> > > com. 172800 IN NS L.GTLD-SERVERS.NET.
> > > com. 172800 IN NS M.GTLD-SERVERS.NET.
> > > com. 172800 IN NS A.GTLD-SERVERS.NET.
> > > com. 172800 IN NS B.GTLD-SERVERS.NET.
> > > com. 172800 IN NS C.GTLD-SERVERS.NET.
> > > com. 172800 IN NS D.GTLD-SERVERS.NET.
> > > com. 172800 IN NS E.GTLD-SERVERS.NET.
> > > com. 172800 IN NS F.GTLD-SERVERS.NET.
> > > com. 172800 IN NS G.GTLD-SERVERS.NET.
> > > com. 172800 IN NS H.GTLD-SERVERS.NET.
> > > ;; Received 508 bytes from 192.228.79.201#53(b.root-servers.net) in
> > > 172 ms
> > >
> > > getfirebug.com. 172800 IN NS ns1.parakey.com.
> > > getfirebug.com. 172800 IN NS ns2.parakey.com.
> > > ;; Received 112 bytes from 192.43.172.30#53(I.GTLD-SERVERS.NET) in
> > > 370
> >
> > > ms
> > >
> > > www.getfirebug.com. 14400 IN CNAME getfirebug.com.
> > > getfirebug.com. 14400 IN A 74.52.85.194
> > > getfirebug.com. 86400 IN NS ns2.parakey.com.
> > > getfirebug.com. 86400 IN NS ns1.parakey.com.
> > > ;; Received 142 bytes from 74.52.85.194#53(ns1.parakey.com) in 200
> > > ms
> > >
> > >
> > > -----Original Message-----
> > > From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]
> > > On Behalf Of Adam Clark
> > > Sent: Thursday, 8 February 2007 10:46 AM
> > > To: bind-users at isc.org
> > > Subject: +trace works on domain that gives SERVFAIL normally
> > >
> > > Hi,
> > > We hare having a weird problems. A domain lookup for a particilar
>
> > > domain Produces different results dependant on whether or not the
> > > +trace flag is used.
> > >
> > > Any ideas?
> > >
> > > [root at monet1 etc]# named -v
> > > BIND 9.2.4
> > >
> > > See dig outputs below:
> > >
> > > #################################################################
> > > # 1st dig run
> > > #################################################################
> > > [root at monet1 etc]# rndc flush
> > > [root at monet1 etc]# dig @10.10.10.20 heartofphilosophy.com
> > >
> > > ; <<>> DiG 9.2.4 <<>> @10.10.10.20 heartofphilosophy.com ; (1 server
> > > found) ;; global options: printcmd ;; Got answer:
> > > ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 2935 ;; flags:
> > > qr
> >
> > > rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> > >
> > > ;; QUESTION SECTION:
> > > ;heartofphilosophy.com. IN A
> > >
> > > ;; Query time: 358 msec
> > > ;; SERVER: 10.10.10.20#53(10.10.10.20) ;; WHEN: Thu Feb 8 10:42:47
> > > 2007 ;; MSG SIZE rcvd: 39
> > >
> > > #################################################################
> > > # 2nd dig run
> > > #################################################################
> > > [root at monet1 etc]# rndc flush
> > > [root at monet1 etc]# dig +trace @10.10.10.20 heartofphilosophy.com
> > >
> > > ; <<>> DiG 9.2.4 <<>> +trace @10.10.10.20 heartofphilosophy.com ; (1
>
> > > server found) ;; global options: printcmd
> > > . 518400 IN NS J.ROOT-SERVERS.NET.
> > > . 518400 IN NS K.ROOT-SERVERS.NET.
> > > . 518400 IN NS L.ROOT-SERVERS.NET.
> > > . 518400 IN NS M.ROOT-SERVERS.NET.
> > > . 518400 IN NS A.ROOT-SERVERS.NET.
> > > . 518400 IN NS B.ROOT-SERVERS.NET.
> > > . 518400 IN NS C.ROOT-SERVERS.NET.
> > > . 518400 IN NS D.ROOT-SERVERS.NET.
> > > . 518400 IN NS E.ROOT-SERVERS.NET.
> > > . 518400 IN NS F.ROOT-SERVERS.NET.
> > > . 518400 IN NS G.ROOT-SERVERS.NET.
> > > . 518400 IN NS H.ROOT-SERVERS.NET.
> > > . 518400 IN NS I.ROOT-SERVERS.NET.
> > > ;; Received 228 bytes from 10.10.10.20#53(10.10.10.20) in 1 ms
> >
> > > com. 172800 IN NS A.GTLD-SERVERS.NET.
> > > com. 172800 IN NS G.GTLD-SERVERS.NET.
> > > com. 172800 IN NS H.GTLD-SERVERS.NET.
> > > com. 172800 IN NS C.GTLD-SERVERS.NET.
> > > com. 172800 IN NS I.GTLD-SERVERS.NET.
> > > com. 172800 IN NS B.GTLD-SERVERS.NET.
> > > com. 172800 IN NS D.GTLD-SERVERS.NET.
> > > com. 172800 IN NS L.GTLD-SERVERS.NET.
> > > com. 172800 IN NS F.GTLD-SERVERS.NET.
> > > com. 172800 IN NS J.GTLD-SERVERS.NET.
> > > com. 172800 IN NS K.GTLD-SERVERS.NET.
> > > com. 172800 IN NS E.GTLD-SERVERS.NET.
> > > com. 172800 IN NS M.GTLD-SERVERS.NET.
> > > ;; Received 511 bytes from 192.58.128.30#53(J.ROOT-SERVERS.NET) in
> > > 310
> >
> > > ms
> > >
> > > heartofphilosophy.com. 172800 IN NS ns1.alexsrv30.com.
> > > heartofphilosophy.com. 172800 IN NS ns2.alexsrv30.com.
> > > ;; Received 117 bytes from 192.5.6.30#53(A.GTLD-SERVERS.NET) in 1004
>
> > > ms
> > >
> > > heartofphilosophy.com. 14400 IN A 75.126.34.72
> > > heartofphilosophy.com. 86400 IN NS ns1.alexsrv30.com.
> > > heartofphilosophy.com. 86400 IN NS ns2.alexsrv30.com.
> > > ;; Received 133 bytes from 75.126.27.219#53(ns1.alexsrv30.com) in
> > > 201 ms
> > >
> > >
> > > Adam Clark
> > > Network Administrator
> > >
> > > National Gallery of Victoria
> > > 180 St Kilda Road Melbourne Vic 3004 Australia
> > > Telephone: +61 3 8620 2369
> > > Fax: +61 3 8620 2565
> > > www.ngv.vic.gov.au
> > >
> > > Keep informed of the latest NGV exhibitions, special events and
> > > programs at The Ian Potter Centre: NGV Australia and NGV
> > > International
> >
> > > by subscribing to NGV at RT, the NGV's free e-newsletter.
> > >
> > > DISCLAIMER: This email and any files transmitted with it are
> > > confidential and intended solely for bind-users at isc.org. If you are
> > > not the named addressee you should not disseminate, copy or alter
> > > this
> >
> > > email. WARNING: Although National Gallery of Victoria has taken
> > > reasonable precautions to ensure no viruses are present in this
> > > email,
> >
> > > the organisation cannot accept responsibility for any loss or damage
>
> > > arising from the use of this email or attachment.
> > >
> > >
> > >
> > --
> > Mark Andrews, ISC
> > 1 Seymour St., Dundas Valley, NSW 2117, Australia
> > PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
> >
> >
> >
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
>
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list