strange problem (SERVFAIL), but able to query google's DNS servers

Mark Andrews marka at isc.org
Thu Feb 11 00:09:24 UTC 2010 

For buildcount.com Google is taking the referral and returning it
as an answer.  The authoritative servers for the zone are misconfigured.

; <<>> DiG 9.3.6-P1 <<>> buildcount.com +norec @a.gtld-servers.net
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44142
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 6, ADDITIONAL: 4

;; QUESTION SECTION:
;buildcount.com.			IN	A

;; AUTHORITY SECTION:
buildcount.com.		172800	IN	NS	ns1.scalecost.com.
buildcount.com.		172800	IN	NS	ns2.scalecost.com.
buildcount.com.		172800	IN	NS	ns3.verbtake.com.
buildcount.com.		172800	IN	NS	ns4.verbtake.com.
buildcount.com.		172800	IN	NS	ns5.0ih.ru.
buildcount.com.		172800	IN	NS	ns6.0ih.ru.

;; ADDITIONAL SECTION:
ns1.scalecost.com.	172800	IN	A	121.10.106.148
ns2.scalecost.com.	172800	IN	A	61.136.59.34
ns3.verbtake.com.	172800	IN	A	11.1.1.1
ns4.verbtake.com.	172800	IN	A	11.1.1.1

;; Query time: 181 msec
;; SERVER: 2001:503:a83e::2:30#53(2001:503:a83e::2:30)
;; WHEN: Thu Feb 11 10:49:29 2010
;; MSG SIZE  rcvd: 229

% dig buildcount.com ns @ns1.scalecost.com +norec

; <<>> DiG 9.3.6-P1 <<>> buildcount.com ns @ns1.scalecost.com +norec
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38268
;; flags: qr aa; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;buildcount.com.                        IN      NS

;; AUTHORITY SECTION:
.                       3600    IN      SOA     . root.local. 2009020411 10800 3600 3600000 3600

;; Query time: 462 msec
;; SERVER: 121.10.106.148#53(121.10.106.148)
;; WHEN: Thu Feb 11 10:45:44 2010
;; MSG SIZE  rcvd: 76

% 

In message <183604.32013.qm at web57603.mail.re1.yahoo.com>, W S writes:
> Folks - my DNS slaves are flooded with these [req from corp email gateways]=
> :
>  
> query failed (SERVFAIL) for buildcount.com/IN/NS at query.c:4623
> query failed (SERVFAIL) for rss.sina.com.cn/IN/A at query.c:4623
> ...
>  
> BUT if I query the very same Domain Names within googles' DNS - it's all go=
> od:
> dig @8.8.8.8 buildcount.com
> buildcount.com.  61.136.59.34


You didn't make the same question to Google "dig @8.8.8.8 buildcount.com NS"
would be the same question.

> And of course, my systems are NOT able to resolve these and other names=20
> cause /etc/resolv.conf pointing to my local resolvers, this is just partial=
>  list:
>  
> host treesfresh.net
> host rss.sina.com.cn
> host twoproperitary.ru
> host qq.com
> host 53www.com
> host exactshy.ru
> host heldthem.ru
> 
>  
> Are these misconfigured Domains - if so - then why Google's DNS able to res=
> olve name, MX etc...and my DNS slaves=20

What does "dig +trace treesfresh.net" return? Similarly for the others.
Note dig +trace does not follow CNAMES so you will need to restart the
queries the canonical name.

What do "tcpdump -n -s 0 port 53" show when you make a query to the nameserver?

> Thanks a lot,
> --Walter Smith
> 
> --- On Tue, 2/9/10, W S <whatisee1 at yahoo.com> wrote:
> 
> 
> From: W S <whatisee1 at yahoo.com>
> Subject: Re: strange problem with "double CNAMEs" ?
> To: bind-users at lists.isc.org
> Date: Tuesday, February 9, 2010, 4:08 PM
> 
> 
> 
> 
> 
> 
> 
> Is there anything I have to enable on my side to query these "double CNAMEs=
> "?
>  
> dig @8.8.8.8 cdn2.example.com
> cdn2.example.com 3600 IN CNAME cdn2.example2.com
> cdn2.example2.com 3600 IN CNAME cdn3.example2.com
> cdn3.example2.com 3600 IN A 1.2.3.4
>  
> Thanks a lot guys,
> --WS
> 
> --- On Mon, 2/8/10, W S <whatisee1 at yahoo.com> wrote:
> 
> 
> From: W S <whatisee1 at yahoo.com>
> Subject: strange problem
> To: bind-users at lists.isc.org
> Date: Monday, February 8, 2010, 3:44 PM
> 
> 
> 
> 
> 
> 
> 
> Folks,
>  
> When I try to get an IP address for some sub-site/domain, let's say
> cdn2.example.com --- I'm getting errors, BUT when I query
> Google's DNS servers I'm getting an IP address:
>  
> dig @8.8.8.8 cdn2.example.com
> cdn2.example.com 3600 IN CNAME cdn2.example2.com
> cdn2.example2.com 3600 IN CNAME cdn3.example2.com
> cdn3.example2.com 3600 IN A 1.2.3.4
>  
> This is my DNS configurations/errors:
>  
> #############################################################
> /usr/local/bind/sbin/named -V
> BIND 9.6.1-P3 built with '--prefix=3D/usr/local/bind' '--with-openssl=3D/us=
> r/local/openssl' '--enable-fixed-rrset' '--disable-ipv6'
> #############################################################
> 08-Feb-2010 15:13:01.479 query-errors: debug 1: client <some_ip_addr>#7074:=
>  query failed (SERVFAIL) for cdn2.example.com/IN/A at query.c:4623
> 08-Feb-2010 15:13:01.479 query-errors: debug 2: fetch completed at resolver=
> .c:3119 for cdn2.example.com/A in 30.000908: timed out/success=20
> [domain:example.com,referral:1,restart:6,qrysent:13,timeout:9,lame:0,neterr=
> :0,badresp:0,adberr:0,findfail:0,valfail:0]
> #############################################################
> at query.c:4623
> ~/bind-9.6.1-P3/bin/named/query.c
>  default:
>                 /*
>                  * Something has gone wrong=
> .
>                  */
>                 QUERY_ERROR(DNS_R_SERVFAIL);
>                 goto cleanup;
>         }
> #############################################################
> at resolver.c:3119
> ~/bind-9.6.1-P3/lib/dns/resolver.c
>   if (event->ev_type =3D=3D ISC_TIMEREVENT_LIFE) {
>                 fctx->reason =3D NULL;
>                 fctx_done(fctx, ISC_R_TIMEDOU=
> T, __LINE__);
> #############################################################
>  
>  
> Thanks,
> --WS
>  
> 
> -----Inline Attachment Follows-----
> 
> 
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
> 
> -----Inline Attachment Follows-----
> 
> 
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
> =0A=0A=0A      
> --0-166099193-1265826328=:32013
> Content-Type: text/html; charset=iso-8859-1
> Content-Transfer-Encoding: quoted-printable
> 
> <table cellspacing=3D"0" cellpadding=3D"0" border=3D"0" ><tr><td valign=3D"=
> top" style=3D"font: inherit;"><BR>
> <BLOCKQUOTE style=3D"BORDER-LEFT: rgb(16,16,255) 2px solid; PADDING-LEFT: 5=
> px; MARGIN-LEFT: 5px">
> <DIV id=3Dyiv714128926>
> <TABLE border=3D0 cellSpacing=3D0 cellPadding=3D0>
> <TBODY>
> <TR>
> <TD vAlign=3Dtop>
> <DIV id=3Dyiv1520902560>
> <DIV>Folks - my DNS slaves are flooded with these [req from corp email gate=
> ways]:</DIV>
> <DIV> </DIV>
> <DIV>query failed (SERVFAIL) for buildcount.com/IN/NS at query.c:4623</DIV>
> <DIV>query failed (SERVFAIL) for rss.sina.com.cn/IN/A at query.c:4623</DIV>
> <DIV>...</DIV>
> <DIV> </DIV>
> <DIV>BUT if I query the very same Domain Names within googles' DNS - it's a=
> ll good:</DIV>
> <DIV>dig @8.8.8.8 buildcount.com</DIV>
> <DIV>buildcount.com.         3600&n=
> bsp;   IN      A    =
>    61.136.59.34</DIV>
> <DIV> </DIV>
> <DIV> </DIV>
> <DIV>And of course, my systems are NOT able to resolve these and other name=
> s </DIV>
> <DIV>cause /etc/resolv.conf pointing to my local resolvers, this is just pa=
> rtial list:</DIV>
> <DIV> </DIV>
> <DIV>host treesfresh.net</DIV>
> <DIV>host rss.sina.com.cn<BR>host twoproperitary.ru<BR>host qq.com<BR>host =
> 53www.com<BR>host exactshy.ru<BR>host heldthem.ru<BR></DIV>
> <DIV> </DIV>
> <DIV>Are these misconfigured Domains - if so - then why Google's DNS able t=
> o resolve name, MX etc...and my DNS slaves </DIV>
> <DIV> </DIV>
> <DIV> </DIV>
> <DIV>Thanks a lot,</DIV>
> <DIV>--Walter Smith<BR><BR>--- On <B>Tue, 2/9/10, W S <I><whatisee1 at yaho=
> o.com></I></B> wrote:<BR></DIV>
> <BLOCKQUOTE style=3D"BORDER-LEFT: rgb(16,16,255) 2px solid; PADDING-LEFT: 5=
> px; MARGIN-LEFT: 5px"><BR>From: W S <whatisee1 at yahoo.com><BR>Subject:=
>  Re: strange problem with "double CNAMEs" ?<BR>To: bind-users at lists.isc.org=
> <BR>Date: Tuesday, February 9, 2010, 4:08 PM<BR><BR>
> <DIV id=3Dyiv1617457803>
> <TABLE border=3D0 cellSpacing=3D0 cellPadding=3D0>
> <TBODY>
> <TR>
> <TD vAlign=3Dtop>
> <DIV>Is there anything I have to enable on my side to query these "double C=
> NAMEs"?</DIV>
> <DIV> </DIV>
> <DIV>dig @8.8.8.8 cdn2.example.com</DIV>
> <DIV>cdn2.example.com 3600 IN CNAME <A href=3D"http://cdn2.exampl=
> e2.com/" rel=3Dnofollow target=3D_blank><SPAN id=3Dlw_1265760430_4 class=3D=
> yshortcuts>cdn2.example2.com</SPAN></A></DIV>
> <DIV>cdn2.example2.com 3600 IN CNAME <A href=3D"http://cdn3.example2.com/" =
> rel=3Dnofollow target=3D_blank><SPAN id=3Dlw_1265760430_5 class=3Dyshortcut=
> s>cdn3.example2.com</SPAN></A></DIV>
> <DIV>cdn3.example2.com 3600 IN A 1.2.3.4</DIV>
> <DIV> </DIV>
> <DIV>Thanks a lot guys,</DIV>
> <DIV>--WS<BR><BR>--- On <B>Mon, 2/8/10, W S <I><whatisee1 at yahoo.com><=
> /I></B> wrote:<BR></DIV>
> <BLOCKQUOTE style=3D"BORDER-LEFT: rgb(16,16,255) 2px solid; PADDING-LEFT: 5=
> px; MARGIN-LEFT: 5px"><BR>From: W S <whatisee1 at yahoo.com><BR>Subject:=
>  strange problem<BR>To: bind-users at lists.isc.org<BR>Date: Monday, February =
> 8, 2010, 3:44 PM<BR><BR>
> <DIV id=3Dyiv1795112504>
> <TABLE border=3D0 cellSpacing=3D0 cellPadding=3D0>
> <TBODY>
> <TR>
> <TD vAlign=3Dtop>
> <DIV>Folks,</DIV>
> <DIV> </DIV>
> <DIV>When I try to get an IP address for some sub-site/domain, let's say</D=
> IV>
> <DIV>cdn2.example.com --- I'm getting errors, BUT when I query</DIV>
> <DIV>Google's DNS servers I'm getting an IP address:</DIV>
> <DIV> </DIV>
> <DIV>dig @8.8.8.8 cdn2.example.com</DIV>
> <DIV>cdn2.example.com 3600 IN CNAME cdn2.example2.com</DIV>
> <DIV>cdn2.example2.com 3600 IN CNAME cdn3.example2.com</DIV>
> <DIV>cdn3.example2.com 3600 IN A 1.2.3.4</DIV>
> <DIV> </DIV>
> <DIV>This is my DNS configurations/errors:</DIV>
> <DIV> </DIV>
> <DIV>#############################################################<BR>/usr/=
> local/bind/sbin/named -V<BR>BIND 9.6.1-P3 built with '--prefix=3D/usr/local=
> /bind' '--with-openssl=3D/usr/local/openssl' '--enable-fixed-rrset' '--disa=
> ble-ipv6'<BR>#############################################################<=
> BR>08-Feb-2010 15:13:01.479 query-errors: debug 1: client <some_ip_addr&=
> gt;#7074: query failed (SERVFAIL) for cdn2.example.com/IN/A at query.c:4623=
> <BR>08-Feb-2010 15:13:01.479 query-errors: debug 2: fetch completed at reso=
> lver.c:3119 for cdn2.example.com/A in 30.000908: timed out/success <BR>[dom=
> ain:example.com,referral:1,restart:6,qrysent:13,timeout:9,lame:0,neterr:0,b=
> adresp:0,adberr:0,findfail:0,valfail:0]<BR>################################=
> #############################<BR>at query.c:4623<BR>~/bind-9.6.1-P3/bin/nam=
> ed/query.c<BR> default:<BR>       &=
> nbsp;       
>  /*<BR>           &n=
> bsp;     * Something has gone wrong.<BR>  &nb=
> sp;            =
>   */<BR>          &n=
> bsp;     QUERY_ERROR(DNS_R_SERVFAIL);<BR>  &n=
> bsp;           &nbsp=
> ; goto cleanup;<BR>        }<BR>########=
> #####################################################<BR>at resolver.c:3119=
> <BR>~/bind-9.6.1-P3/lib/dns/resolver.c</DIV>
> <DIV>  if (event->ev_type =3D=3D ISC_TIMEREVENT_LIFE) {<BR> &n=
> bsp;           &nbsp=
> ;  fctx->reason =3D NULL;<BR>      &n=
> bsp;         fctx_done(fctx, ISC_R_=
> TIMEDOUT, __LINE__);<BR>###################################################=
> ##########</DIV>
> <DIV> </DIV>
> <DIV> </DIV>
> <DIV>Thanks,</DIV>
> <DIV>--WS</DIV>
> <DIV> </DIV></TD></TR></TBODY></TABLE><BR></DIV><BR>-----Inline Attach=
> ment Follows-----<BR><BR>
> <DIV class=3DplainMail>_______________________________________________<BR>b=
> ind-users mailing list<BR><A href=3D"http://us.mc576.mail.yahoo.com/mc/comp=
> ose?to=3Dbind-users at lists.isc.org" rel=3Dnofollow target=3D_blank>bind-user=
> s at lists.isc.org</A><BR><A href=3D"https://lists.isc.org/mailman/listinfo/bi=
> nd-users" rel=3Dnofollow target=3D_blank>https://lists.isc.org/mailman/list=
> info/bind-users</A></DIV></BLOCKQUOTE></TD></TR></TBODY></TABLE><BR></DIV><=
> BR>-----Inline Attachment Follows-----<BR><BR>
> <DIV class=3DplainMail>_______________________________________________<BR>b=
> ind-users mailing list<BR><A href=3D"http://us.mc576.mail.yahoo.com/mc/comp=
> ose?to=3Dbind-users at lists.isc.org" rel=3Dnofollow target=3D_blank>bind-user=
> s at lists.isc.org</A><BR><A href=3D"https://lists.isc.org/mailman/listinfo/bi=
> nd-users" rel=3Dnofollow target=3D_blank>https://lists.isc.org/mailman/list=
> info/bind-users</A></DIV></BLOCKQUOTE></DIV></TD></TR></TBODY></TABLE><BR><=
> /DIV></BLOCKQUOTE></td></tr></table><br>=0A=0A      
> --0-166099193-1265826328=:32013--
> 
> --===============6772155986104046454==
> Content-Type: text/plain; charset="us-ascii"
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
> Content-Disposition: inline
> 
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
> --===============6772155986104046454==--
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the bind-users mailing list