dig t.medialytics.com and dig t.medialytics.com +trace return different results

Chad Leigh -- Shire.Net LLC chad at shire.net
Mon Jul 7 00:57:44 UTC 2008 

I am having an issue and hopefully this is a reasonable place to ask it.

bind is 9.3.2

I have set up some new services for a customer on one of my servers.   
They maintain their own dns elsewhere so I am not providing dns for  
this domain.  I gave them the IP address for their new service I host  
and they added it to their dns for the domain.  The new record was  
for  t.medialytics.com  .  However, I cannot access it since my own  
name servers return bogus information.  I am not sure at all why.  I  
have checked each of the gtld servers to see if there was bad info,  
but that was not it.  I updated my root server list just in case.  I  
checked all my own zones I serve to make sure there was no bogus zone  
info. I flushed the cash and indeed restarted all my bind instances.   
Both of my dns servers give the wrong thing.  It is best illustrated  
by looking at the following to dig results

There are no references to sedoparking or medialytics in any of my  
zone files or configuration or anything

The first one shows the bogus info:

# dig t.medialytics.com

; <<>> DiG 9.3.1 <<>> t.medialytics.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3572
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 8

;; QUESTION SECTION:
;t.medialytics.com.		IN	A

;; ANSWER SECTION:
t.medialytics.com.	600	IN	A	82.98.86.171

;; AUTHORITY SECTION:
medialytics.com.	82115	IN	NS	ns2.sedoparking.com.
medialytics.com.	82115	IN	NS	ns1.sedoparking.com.

;; ADDITIONAL SECTION:
ns1.sedoparking.com.	39828	IN	A	217.160.186.74
ns1.sedoparking.com.	39828	IN	A	74.208.13.27
ns1.sedoparking.com.	39828	IN	A	91.195.240.162
ns1.sedoparking.com.	39828	IN	A	212.227.86.6
ns2.sedoparking.com.	39828	IN	A	217.160.208.235
ns2.sedoparking.com.	39828	IN	A	74.208.8.95
ns2.sedoparking.com.	39828	IN	A	87.106.54.143
ns2.sedoparking.com.	39828	IN	A	91.195.241.162

;; Query time: 751 msec
;; SERVER: 209.41.94.136#53(209.41.94.136)
;; WHEN: Sun Jul  6 18:46:28 2008
;; MSG SIZE  rcvd: 227

#

This next one shows the correct info.


# dig t.medialytics.com +trace

; <<>> DiG 9.3.1 <<>> t.medialytics.com +trace
;; global options:  printcmd
.			159780	IN	NS	A.ROOT-SERVERS.NET.
.			159780	IN	NS	B.ROOT-SERVERS.NET.
.			159780	IN	NS	C.ROOT-SERVERS.NET.
.			159780	IN	NS	D.ROOT-SERVERS.NET.
.			159780	IN	NS	E.ROOT-SERVERS.NET.
.			159780	IN	NS	F.ROOT-SERVERS.NET.
.			159780	IN	NS	G.ROOT-SERVERS.NET.
.			159780	IN	NS	H.ROOT-SERVERS.NET.
.			159780	IN	NS	I.ROOT-SERVERS.NET.
.			159780	IN	NS	J.ROOT-SERVERS.NET.
.			159780	IN	NS	K.ROOT-SERVERS.NET.
.			159780	IN	NS	L.ROOT-SERVERS.NET.
.			159780	IN	NS	M.ROOT-SERVERS.NET.
;; Received 500 bytes from 209.41.94.136#53(209.41.94.136) in 4186 ms

com.			172800	IN	NS	L.GTLD-SERVERS.NET.
com.			172800	IN	NS	M.GTLD-SERVERS.NET.
com.			172800	IN	NS	A.GTLD-SERVERS.NET.
com.			172800	IN	NS	B.GTLD-SERVERS.NET.
com.			172800	IN	NS	C.GTLD-SERVERS.NET.
com.			172800	IN	NS	D.GTLD-SERVERS.NET.
com.			172800	IN	NS	E.GTLD-SERVERS.NET.
com.			172800	IN	NS	F.GTLD-SERVERS.NET.
com.			172800	IN	NS	G.GTLD-SERVERS.NET.
com.			172800	IN	NS	H.GTLD-SERVERS.NET.
com.			172800	IN	NS	I.GTLD-SERVERS.NET.
com.			172800	IN	NS	J.GTLD-SERVERS.NET.
com.			172800	IN	NS	K.GTLD-SERVERS.NET.
;; Received 507 bytes from 198.41.0.4#53(A.ROOT-SERVERS.NET) in 96 ms

medialytics.com.	172800	IN	NS	ns1.domainservice.com.
medialytics.com.	172800	IN	NS	ns2.domainservice.com.
medialytics.com.	172800	IN	NS	ns3.domainservice.com.
medialytics.com.	172800	IN	NS	ns4.domainservice.com.
;; Received 185 bytes from 192.55.83.30#53(M.GTLD-SERVERS.NET) in 25 ms

t.medialytics.com.	21600	IN	A	209.41.94.242
medialytics.com.	21600	IN	NS	ns4.domainservice.com.
medialytics.com.	21600	IN	NS	ns3.domainservice.com.
medialytics.com.	21600	IN	NS	ns2.domainservice.com.
medialytics.com.	21600	IN	NS	ns1.domainservice.com.
;; Received 201 bytes from 208.73.210.41#53(ns1.domainservice.com) in  
22 ms

#

I have no idea where the bogus info is coming from.

My named.conf looks like

options {
         directory "/etc/namedb/zones";
         pid-file "/var/run/named/pid-file";
         listen-on {
                 209.41.94.134;
         };
         forwarders {
                 198.60.22.2;
         };
         allow-transfer {
                 209.41.94.0/24;
         };

};

  key "rndc-key" {
        algorithm hmac-md5;
        secret "snipped";
  };

  controls {
        inet 209.41.94.134 port 953
                allow { 209.41.94.134; } keys { "rndc-key"; };
  };

zone "." {
         type hint;
         file "named.root";
};

include "named.domainlist.conf";

---

Thanks
Chad

---
Chad Leigh -- Shire.Net LLC
Your Web App and Email hosting provider
chad at shire.net

More information about the bind-users mailing list