Query on ignoring additional section returned in replies
Elias Ahmed Kamal
eliasak at tm.com.my
Wed Nov 18 10:07:57 UTC 2015
Hi guys,
I'm having issues resolving www.fis.com.my. I'm trying to tell fis.com.my that its an issue at their end, but when checking against 8.8.8.8 it resolves fine....so it MUST be a problem with me.
1. Lookups fail, this is clear enough
root at sputnik # dig @localhost www.fis.com.my
; <<>> DiG 9.9.5-P1 <<>> @localhost www.fis.com.my
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 51246
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.fis.com.my. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Nov 18 17:40:58 MYT 2015
;; MSG SIZE rcvd: 43
2. All of fis.com.my's authoritative nameservers answer and are consistent
It tells me that www.wip.fis.com.my is a CNAME for www.fis.com.my
And that wan1-wan4.fis.com.my is the authoritative servers for *.wip.fis.com.my
root at sputnik # dig @ns1.fis.com.my www.fis.com.my
; <<>> DiG 9.9.5-P1 <<>> @ns1.fis.com.my www.fis.com.my
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33357
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.fis.com.my. IN A
;; ANSWER SECTION:
www.fis.com.my. 38400 IN CNAME www.wip.fis.com.my.
;; AUTHORITY SECTION:
wip.fis.com.my. 38400 IN NS wan1.fis.com.my.
wip.fis.com.my. 38400 IN NS wan4.fis.com.my.
wip.fis.com.my. 38400 IN NS wan3.fis.com.my.
wip.fis.com.my. 38400 IN NS wan2.fis.com.my.
;; ADDITIONAL SECTION:
wan1.fis.com.my. 38400 IN A 202.188.242.130
wan2.fis.com.my. 38400 IN A 210.19.86.114
wan3.fis.com.my. 38400 IN A 175.143.6.162
wan4.fis.com.my. 38400 IN A 219.92.28.106
;; Query time: 8 msec
;; SERVER: 202.188.242.135#53(202.188.242.135)
;; WHEN: Wed Nov 18 17:41:09 MYT 2015
;; MSG SIZE rcvd: 205
3. I now do a 3rd lookup test against wan1.fis.com.my for www.wip.fis.com.my and get the answers
BUT, the nameserver is also returning an authority section saying wip.fis.com.my is now served by ns1.wip.fis.com.my
[Previously I know wip.fis.com.my was served by wan1-wan4.fis.com.my, but now somehow I'm caching ns1.wip.fis.com.my instead]
[Question: Is it the expected behaviour that this new NS will override the previous NS for wip.fis.com.my? And is there any way to ignore authority/additional answers that I get from replies?]
root at cbj-cdns21 # dig @wan1.fis.com.my www.wip.fis.com.my
; <<>> DiG 9.9.5-P1 <<>> @wan1.fis.com.my www.wip.fis.com.my
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43777
;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 1, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;www.wip.fis.com.my. IN A
;; ANSWER SECTION:
www.wip.fis.com.my. 5 IN A 175.143.6.165
www.wip.fis.com.my. 5 IN A 202.188.242.137
www.wip.fis.com.my. 5 IN A 210.19.86.117
;; AUTHORITY SECTION:
wip.fis.com.my. 3600 IN NS ns1.wip.fis.com.my.
;; Query time: 7 msec
;; SERVER: 202.188.242.130#53(202.188.242.130)
;; WHEN: Wed Nov 18 17:44:59 MYT 2015
;; MSG SIZE rcvd: 102
4. Lo and behold, ns1.wip.fis.com.my doesn't exist! And because of this all my queries for www.fis.com.my are failing. Am I correct?
root at sputnik # dig @wan1.fis.com.my ns1.wip.fis.com.my
; <<>> DiG 9.9.5-P1 <<>> @wan1.fis.com.my ns1.wip.fis.com.my
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37457
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;ns1.wip.fis.com.my. IN A
;; AUTHORITY SECTION:
wip.fis.com.my. 3600 IN SOA ns1.wip.fis.com.my. webmaster. 2015111825 16384 2048 1048576 2560
;; Query time: 6 msec
;; SERVER: 202.188.242.130#53(202.188.242.130)
;; WHEN: Wed Nov 18 17:47:45 MYT 2015
;; MSG SIZE rcvd: 81
We only send and receive email on the basis of the terms set out at http://www.tm.com.my/email_disclaimer.
More information about the bind-users
mailing list