Bind not returning A record
Torsten
toto at the-damian.de
Wed Dec 22 14:17:28 UTC 2010
Am Wed, 22 Dec 2010 21:53:14 +0800
schrieb Paul Ooi Cong Jen <paulooi at takizo.com>:
>
> On 22-Dec-2010, at 9:41 PM, Lyle Giese wrote:
>
> > Paul Ooi Cong Jen wrote:
> >> kwsp.gov.my. 86400 IN NS ns3.pttcdc.com.my.
> >> ;; Received 109 bytes from 137.189.6.21#53(ns2.cuhk.edu.hk) in 52 ms
> >>
> >> www.kwsp.gov.my. 43200 IN CNAME www.yu.kwsp.gov.my.
> >> ;; Received 54 bytes from 202.184.117.10#53(ns3.pttcdc.com.my) in 21 ms
> >> -----------------------------------------------
> >>
> >> If I tried to rndc flush, dig again the record return the result
> >> ------------------------------
> >>
> >> dig @localhost www.kwsp.gov.my
> >>
> >> ; <<>> DiG 9.7.0-P3 <<>> @localhost www.kwsp.gov.my
> >> ; (2 servers found)
> >> ;; global options: +cmd
> >> ;; Got answer:
> >> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20092
> >> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 0
> >>
> >> ;; QUESTION SECTION:
> >> ;www.kwsp.gov.my. IN A
> >>
> >> ;; ANSWER SECTION:
> >> www.kwsp.gov.my. 43186 IN CNAME www.yu.kwsp.gov.my.
> >> www.yu.kwsp.gov.my. 30 IN A 202.162.21.166
> >>
> >> ;; AUTHORITY SECTION:
> >> yu.kwsp.gov.my. 43200 IN NS ns2.yu.kwsp.gov.my.
> >> yu.kwsp.gov.my. 43200 IN NS ns1.yu.kwsp.gov.my.
> >>
> >> ;; Query time: 829 msec
> >> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> >> ;; WHEN: Wed Dec 22 15:04:55 2010
> >> ;; MSG SIZE rcvd: 106
> >>
> >> ------------------------
> >>
> >>
> >>> From the debug logs, we see the error message as below
> >>
> >> gov.my/IN/A at query.c:4650
> >> 22-Dec-2010 14:38:52.845 query-errors: client 211.24.220.233#54055: query failed (SERVFAIL) for www.kwsp.gov.my/IN/A at query.c:4650
> >> 22-Dec-2010 14:38:52.845 query-errors: client 211.24.220.233#54023: query failed (SERVFAIL) for www.kwsp.gov.my/IN/A at query.c:4650
> >> 22-Dec-2010 14:40:27.940 query-errors: client 203.121.30.35#52679: query failed (SERVFAIL) for www.kwsp.gov.my/IN/A at query.c:4650
> >> 22-Dec-2010 14:40:27.940 query-errors: client 211.24.220.233#54143: query failed (SERVFAIL) for www.kwsp.gov.my/IN/A at query.c:4650
> >> 22-Dec-2010 14:43:48.202 query-errors: client 211.24.177.146#62297: query failed (SERVFAIL) for www.kwsp.gov.my/IN/A at query.c:4650
> >> 22-Dec-2010 14:43:48.202 query-errors: client 211.24.220.233#54459: query failed (SERVFAIL) for www.kwsp.gov.my/IN/A at query.c:4650
> >> 22-Dec-2010 14:43:48.202 query-errors: client 211.24.220.233#54473: query failed (SERVFAIL) for www.kwsp.gov.my/IN/A at query.c:4650
> >> 22-Dec-2010 14:43:48.202 query-errors: client 211.24.177.146#62297: query failed (SERVFAIL) for www.kwsp.gov.my/IN/A at query.c:4650
> >> 22-Dec-2010 14:44:48.290 query-errors: client 211.24.220.233#54530: query failed (SERVFAIL) for www.kwsp.gov.my/IN/A at query.c:4650
> >> 22-Dec-2010 14:44:48.290 query-errors: client 127.0.0.1#19009: query failed (SERVFAIL) for www.kwsp.gov.my/IN/A at query.c:4650
> >> 22-Dec-2010 14:44:48.290 query-errors: client 211.24.220.233#54547: query failed (SERVFAIL) for www.kwsp.gov.my/IN/A at query.c:4650
> >>
> >> On the other hand, we notice that the NS record seem like no DNS service running, could it be client side or server side problem?
> >>
> > Bind is returning the proper answer. There is no A record for www.kwsp.gov.my. It's been setup as a CNAME to www.yu.kwsp.gov.my and you have received that answer.
> >
> > As far as those errors go, those are probably errors in their setup.
>
> Hi Lyle,
>
> I guess the same too, because the NS record for the CNAME seems not available.
>
The DNS operators have borked their configuration for sure.
ns3.pttcdc.com.my knows about both www.kwsp.gov.my AND www.yu.kwsp.gov.my where it shouldn't.
dig +norec @ns3.pttcdc.com.my www.kwsp.gov.my a
; <<>> DiG 9.7.2-P3-RedHat-9.7.2-4.P3.fc14 <<>> +norec @ns3.pttcdc.com.my www.kwsp.gov.my a
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64831
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.kwsp.gov.my. IN A
;; ANSWER SECTION:
www.kwsp.gov.my. 43200 IN CNAME www.yu.kwsp.gov.my.
;; Query time: 360 msec
;; SERVER: 202.184.117.10#53(202.184.117.10)
;; WHEN: Wed Dec 22 15:15:21 2010
;; MSG SIZE rcvd: 54
dig +norec @ns3.pttcdc.com.my www.yu.kwsp.gov.my a
; <<>> DiG 9.7.2-P3-RedHat-9.7.2-4.P3.fc14 <<>> +norec @ns3.pttcdc.com.my www.yu.kwsp.gov.my a
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58486
;; flags: qr ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.yu.kwsp.gov.my. IN A
;; ANSWER SECTION:
www.yu.kwsp.gov.my. 20 IN A 202.162.21.166
;; Query time: 361 msec
;; SERVER: 202.184.117.10#53(202.184.117.10)
;; WHEN: Wed Dec 22 15:12:20 2010
;; MSG SIZE rcvd: 52
dig +norec @ns3.pttcdc.com.my yu.kwsp.gov.my ns
; <<>> DiG 9.7.2-P3-RedHat-9.7.2-4.P3.fc14 <<>> +norec @ns3.pttcdc.com.my yu.kwsp.gov.my ns
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21431
;; flags: qr ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
;; QUESTION SECTION:
;yu.kwsp.gov.my. IN NS
;; ANSWER SECTION:
yu.kwsp.gov.my. 43200 IN NS ns1.yu.kwsp.gov.my.
yu.kwsp.gov.my. 43200 IN NS ns2.yu.kwsp.gov.my.
;; ADDITIONAL SECTION:
ns1.yu.kwsp.gov.my. 43200 IN A 202.162.21.163
ns2.yu.kwsp.gov.my. 43200 IN A 211.25.56.211
;; Query time: 360 msec
;; SERVER: 202.184.117.10#53(202.184.117.10)
;; WHEN: Wed Dec 22 15:14:39 2010
;; MSG SIZE rcvd: 100
Ciao
Torsten
> >
> > Lyle Giese
> > LCR Computer Services, Inc.
> >
> > _______________________________________________
> > bind-users mailing list
> > bind-users at lists.isc.org
> > https://lists.isc.org/mailman/listinfo/bind-users
>
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
More information about the bind-users
mailing list