what should bind do after receiving a SERVFAIL

Matthew Pounsett matt at conundrum.com
Tue Jun 17 19:05:29 UTC 2008 

On 17-Jun-2008, at 14:46 , Holemans Wim wrote:

> we have a problem reaching a domain www.deltapoint.be, which is a
> webserver hosted by Combell. It seems there is something wrong with  
> the
> nameresolution, but i can't figure out if it is our nameserver (bind
> 9.2.4) or the authoritive server that is doing something wrong.

It's not your local recursive server that's the problem.  The  
authoritative servers are doing something I've never seen before... if  
they receive an ANY or A query, they're giving a response with an  
answer, and the status set to servfail.

; <<>> DiG 9.2.3 <<>> www.deltapoint.be @ns3.combell.net
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 7067
;; flags: qr rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.deltapoint.be.             IN      A

;; ANSWER SECTION:
www.deltapoint.be.      3600    IN      CNAME    
virtualhosting.brightsites.be.
virtualhosting.brightsites.be. 3600 IN  CNAME    
virtualhosting.newlink.cz.

;; Query time: 101 msec
;; SERVER: 193.111.95.9#53(ns3.combell.net)
;; WHEN: Tue Jun 17 14:54:08 2008
;; MSG SIZE  rcvd: 115



They only respond correctly to a CNAME query.

; <<>> DiG 9.2.3 <<>> IN CNAME www.deltapoint.be @ns3.combell.net
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61642
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.deltapoint.be.             IN      CNAME

;; ANSWER SECTION:
www.deltapoint.be.      3600    IN      CNAME    
virtualhosting.brightsites.be.

;; Query time: 103 msec
;; SERVER: 193.111.95.9#53(ns3.combell.net)
;; WHEN: Tue Jun 17 14:56:03 2008
;; MSG SIZE  rcvd: 76


This might provide some useful debugging info to someone:

; <<>> DiG 9.2.3 <<>> CHAOS TXT version.bind @ns4.combell.net
[...]
;; ANSWER SECTION:
version.bind.           5       IN      TXT     "Served by POWERDNS  
2.9.21 $Id: packethandler.cc 1036 2007-04-19 20:43:14Z ahu $"

More information about the bind-users mailing list