In message <aanlktinkag+xy6uec9wrbppn8zstgixvsra1jawij...@mail.gmail.com>, Tory M Blue writes: > On Fri, Feb 4, 2011 at 5:37 AM, Florian Weimer <fwei...@bfk.de> wrote: > > * Tory M. Blue: > > > >> [tblue@mx3 ~]$ dig @problemserver.net =A0www.yahoo.com =A0+trace > > > > Please use "dig @problemserver.net www.yahoo.com +trace +norecurse > > +dnssec", to match more closely the queires that BIND would send. > > Okay thanks, done that as well as provided the tcpdump information. > The server is being queried it just fails to resolve yahoo but can > resolve all others. > > [tblue@tblue-laptop ~]$ dig @problemserver.net www.yahoo.com > > ; <<>> DiG 9.6.2-P2-RedHat-9.6.2-5.P2.fc12 <<>> @problemserver.net www.yaho= > o.com > ; (1 server found) > ;; global options: +cmd > ;; connection timed out; no servers could be reached > > > [tblue@tblue-laptop ~]$ dig @probelmserver.net.net www.yahoo.com > +trace +norecurse +dnssec > > ; <<>> DiG 9.6.2-P2-RedHat-9.6.2-5.P2.fc12 <<>> @problemserver.net > www.yahoo.com +trace +norecurse +dnssec > ; (1 server found) > ;; global options: +cmd > . 444545 IN NS g.root-servers.net. > . 444545 IN NS h.root-servers.net. > . 444545 IN NS b.root-servers.net. > . 444545 IN NS a.root-servers.net. > . 444545 IN NS j.root-servers.net. > . 444545 IN NS e.root-servers.net. > . 444545 IN NS l.root-servers.net. > . 444545 IN NS m.root-servers.net. > . 444545 IN NS d.root-servers.net. > . 444545 IN NS i.root-servers.net. > . 444545 IN NS f.root-servers.net. > . 444545 IN NS c.root-servers.net. > . 444545 IN NS k.root-servers.net. > . 444545 IN RRSIG NS 8 0 518400 20110210000000 20 > 110202230000 21639 > . RdUUiw5gKXpACWIw/O94nxHWSzx5kP62zEhy/kuD8IvY6q1Mbv0GccwL > AErMQu3jlWC+3OMsYQmClticjC5eUkuIyvMQikeihkKty6J4IuaoTMYu > Xctg2R8QDgIhasF7kNOqdr/Akfk5A2kaeW+jE7OhikMnNUyvi5Ph+ORW XrE=3D > ;; Received 441 bytes from 10.13.255.102#53(10.13.255.102) in 36 ms > > com. 172800 IN NS a.gtld-servers.net. > com. 172800 IN NS b.gtld-servers.net. > com. 172800 IN NS c.gtld-servers.net. > com. 172800 IN NS d.gtld-servers.net. > com. 172800 IN NS e.gtld-servers.net. > com. 172800 IN NS f.gtld-servers.net. > com. 172800 IN NS g.gtld-servers.net. > com. 172800 IN NS h.gtld-servers.net. > com. 172800 IN NS i.gtld-servers.net. > com. 172800 IN NS j.gtld-servers.net. > com. 172800 IN NS k.gtld-servers.net. > com. 172800 IN NS l.gtld-servers.net. > com. 172800 IN NS m.gtld-servers.net. > com. 86400 IN NSEC coop. NS RRSIG NSEC > com. 86400 IN RRSIG NSEC 8 1 86400 20110211000000 2 > 0110203230000 > 21639 . gR5+PdxFQpmd+bLdUdWH0qmumxkOOwW5PI0Yb0/XwxBGo5NC3UesAUWl > PHp5X+6vlhqeJhzZnJRC2XHKFl3LbSnxgvXX3eiGQ8opoSCuF2IqKX3h > hGXHqmKvV/bsXJY5FvjfrDMWQYSTS4tt9lURSlBAuJd1jWi+uXtMfafF U0o=3D > ;; Received 718 bytes from 193.0.14.129#53(k.root-servers.net) in 121 ms > > yahoo.com. 172800 IN NS ns1.yahoo.com. > yahoo.com. 172800 IN NS ns5.yahoo.com. > yahoo.com. 172800 IN NS ns2.yahoo.com. > yahoo.com. 172800 IN NS ns3.yahoo.com. > yahoo.com. 172800 IN NS ns4.yahoo.com. > ;; Received 212 bytes from 192.43.172.30#53(i.gtld-servers.net) in 38 ms > > www.yahoo.com. 300 IN CNAME fp.wg1.b.yahoo.com. > wg1.b.yahoo.com. 300 IN NS yf2.yahoo.com. > wg1.b.yahoo.com. 300 IN NS yf5.yahoo.com. > wg1.b.yahoo.com. 300 IN NS yf1.yahoo.com. > wg1.b.yahoo.com. 300 IN NS yf8.yahoo.com. > wg1.b.yahoo.com. 300 IN NS yf6.yahoo.com. > wg1.b.yahoo.com. 300 IN NS yf3.yahoo.com. > wg1.b.yahoo.com. 300 IN NS yf4.yahoo.com. > wg1.b.yahoo.com. 300 IN NS yf7.yahoo.com. > ;; Received 337 bytes from 68.142.196.63#53(ns4.yahoo.com) in 58 ms > > > I don't see it resolving to an A record, seems to stop after providing > a CNAME entry. > > Also the server in question can easily get to microsoft.com, > google.com (I mean resolve), it's just www.yahoo.com and this am it's > actually yahoo.com as well. > > [tblue@tblue-laptop ~]$ dig @ns2.sv.admission.net yahoo.com > > ; <<>> DiG 9.6.2-P2-RedHat-9.6.2-5.P2.fc12 <<>> @problemserver.net yahoo.com > ; (1 server found) > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 19162 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 > > ;; QUESTION SECTION: > ;yahoo.com. IN A > > ;; Query time: 1223 msec > ;; SERVER: 10.13.255.102#53(10.13.255.102) > ;; WHEN: Fri Feb 4 09:53:35 2011 > ;; MSG SIZE rcvd: 27 > > [tblue@tblue-laptop ~]$ dig @problemserver.net google.com > > ; <<>> DiG 9.6.2-P2-RedHat-9.6.2-5.P2.fc12 <<>> @problemserver.net google.c= > om > ; (1 server found) > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48213 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 4, ADDITIONAL: 0 > > ;; QUESTION SECTION: > ;google.com. IN A > > ;; ANSWER SECTION: > google.com. 300 IN A 74.125.224.16 > google.com. 300 IN A 74.125.224.17 > google.com. 300 IN A 74.125.224.18 > google.com. 300 IN A 74.125.224.19 > google.com. 300 IN A 74.125.224.20 > > ;; AUTHORITY SECTION: > google.com. 99327 IN NS ns4.google.com. > google.com. 99327 IN NS ns1.google.com. > google.com. 99327 IN NS ns3.google.com. > google.com. 99327 IN NS ns2.google.com. > > ;; Query time: 59 msec > ;; SERVER: 10.13.255.102#53(10.13.255.102) > ;; WHEN: Fri Feb 4 09:53:40 2011 > ;; MSG SIZE rcvd: 180 > > Tcpdumps show what I've believed, connection is fine to the dns server > but this server for some reason will not resolve www.yahoo.com or > yahoo.com. > > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes > 10:16:25.573927 IP clientsystem.net.58856 > problemserver.net.domain: > 2579+ A? yahoo.com. (27) > 10:16:30.574299 IP clientsystem.net.58856 > problemserver.net.domain: > 2579+ A? yahoo.com. (27) > 10:16:35.574785 IP clientsystem.net.58856 > problemserver.net.domain: > 2579+ A? yahoo.com. (27) > 10:16:55.575686 IP problemserver.net.domain > clientsystem.net.58856: > 2579 ServFail 0/0/0 (27) > 10:17:16.920262 IP clientsystem.net.54365 > problemserver.net.domain: > 64676+ A? yahoo.com. (27) > 10:17:21.920251 IP clientsystem.net.54365 > problemserver.net.domain: > 64676+ A? yahoo.com. (27) > 10:17:26.920310 IP clientsystem.net.54365 > problemserver.net.domain: > 64676+ A? yahoo.com. (27) > 10:17:46.921745 IP problemserver.net.domain > clientsystem.net.54365: > 64676 ServFail 0/0/0 (27) > 10:18:00.081853 IP clientsystem.net.46709 > problemserver.net.domain: > 49385+ A? znet.net. (26) > 10:18:00.097763 IP problemserver.net.domain > clientsystem.net.46709: > 49385 1/4/0 A 66.63.136.98 (130) > 10:18:22.985702 IP clientsystem.net.48284 > problemserver.net.domain: > 46982+ A? microsoft.com. (31) > 10:18:22.986201 IP problemserver.net.domain > clientsystem.net.48284: > 46982 2/5/5 A 207.46.197.32, A 207.46.232.182 (241) > 10:18:33.823524 IP clientsystem.net.36393 > problemserver.net.domain: > 12471+ A? www.yahoo.com. (31) > 10:18:38.823839 IP clientsystem.net.36393 > problemserver.net.domain: > 12471+ A? www.yahoo.com. (31) > 10:18:43.824424 IP clientsystem.net.36393 > problemserver.net.domain: > 12471+ A? www.yahoo.com. (31) > 10:19:03.824703 IP problemserver.net.domain > clientsystem.net.36393: > 12471 ServFail 0/0/0 (31) > > So servfail just to yahoo, but fine for microsoft, google, znet you > name it. yahoo is being tricky.
So that was the trace between the client and the nameserver. What about the trace between the nameserver and the rest of the world? The log message is trigger by multiple queries from your nameserver not being answered and named falling back simpler queries in a attempt to get them answered. The log message says how much simpler it made the query before it succeeded. It doesn't tell you the cause because it doesn't know. Mark > Thanks > Tory > _______________________________________________ > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
