Debugging recursive bind
Kevin Darcy
kcd at chrysler.com
Fri Nov 21 20:40:14 UTC 2008
Marco Michelino wrote:
> Hi all,
> I have a recursive dns server that sometimes returns errors on queries
> even if the requested domain exists:
>
>
> # dig @myserver agriturismolacapraccia.it mx
>
> ; <<>> DiG 9.3.4-P1.1 <<>> @myserver agriturismolacapraccia.it mx
> ; (1 server found)
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 12554
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;agriturismolacapraccia.it. IN MX
>
> ;; Query time: 34 msec
> ;; SERVER: XX.XX.XX.XX#53(XX.XX.XX.XX)
> ;; WHEN: Fri Nov 21 10:59:14 2008
> ;; MSG SIZE rcvd: 43
>
>
> My log file shows no error... how can I debug the query to understand
> what's going wrong?
>
SERVFAIL is a catch-all error and many different things can cause it.
In real-time, you could try the +trace option to dig.
Offhand, the only thing that strikes me about this is that both
nameservers for
agriturismolacapraccia.it appear to be on the same network segment
(85.18.235.2 and 85.18.235.4). This would make their nameservice rather
fragile. It's likely they have a Single Point of Failure which could
cause their whole domain to be temporarily unavailable.
- Kevin
More information about the bind-users
mailing list