servfail response message question
Barry Margolin
barmar at alum.mit.edu
Wed Jun 26 14:24:24 UTC 2013
In article <mailman.668.1372206152.20661.bind-users at lists.isc.org>,
RYAN CHERVENKA <ryan_chervenka at yahoo.com> wrote:
> I currently have a domain example.com authoritative on my Ubuntu server and
> it is delegating gslb.example.com to my load balancer.Ý
www.example.com is a
> CNAME for www.gslb.example.comÝ
Gslb.example.com has an NS record pointing to
> the LB
Client sends query for www.example.com to Ubuntu DNS server. The
> Ubuntu DNS server sends a query to the load balancer for www.gslb.example.com
> and the LB responds to the Ubuntu DNS server with the right A record in the
> answer section. However, the Ubuntu server responds to the client with
> servfail.Ý
When I look at the pcap from the Ubuntu server, the LB is
> responding to it with the correct IP but the dig response from the Ubuntu
> server to the client shows "no servers could be reached" when I dig against
> the Ubuntu. I also see the same message in the dns response in the pcap
> (obviously).
Ryans-MacBook-Pro:~ ryanc$ dig @10.10.1.50 www.example.com <-me
> querying the Ubuntu for www.example.com
; <<>> DiG 9.8.3-P1 <<>> @10.10.1.50
> www.example.com
; (1 server found)
;; global options: +cmd
;; connection
> timed out; no servers could be reached
Do you have any ideas as to why this
> is happening?
Ryan Chervenka
Why is the Ubuntu server sending the query to the LB at all? To emulate
how a caching server works, you should be sending queries WITHOUT the RD
flag, so the Ubuntu server should return a delegation to the LB, and
then the caching server should query the LB.
Regarding the problem as you state it, is the LB responding
authoritatively?
--
Barry Margolin
Arlington, MA
More information about the bind-users
mailing list