;; ANSWER SECTION: dns.epza.gov.tw. 3600 IN CNAME ns.epza.gov.tw. ns.epza.gov.tw. 3600 IN A 163.29.43.1
There's the problem. CNAME and NS records don't mix. Returns a SERVFAIL. Configuration error on their side. On Mon, Aug 8, 2011 at 3:15 PM, Mark K. Pettit <pet...@yahoo-inc.com> wrote: > > My resolvers, running BIND 9.7.3P3, are having a difficult time resolving the > MX record for the zone "epza.gov.tw.". > > When I run "dig +trace", this is the response I get: > > $ dig +trace epza.gov.tw. mx > > ; <<>> DiG 9.7.3-P3 <<>> +trace epza.gov.tw. mx > ;; global options: +cmd > . 381415 IN NS c.root-servers.net. > . 381415 IN NS b.root-servers.net. > . 381415 IN NS g.root-servers.net. > . 381415 IN NS m.root-servers.net. > . 381415 IN NS d.root-servers.net. > . 381415 IN NS j.root-servers.net. > . 381415 IN NS h.root-servers.net. > . 381415 IN NS k.root-servers.net. > . 381415 IN NS f.root-servers.net. > . 381415 IN NS i.root-servers.net. > . 381415 IN NS l.root-servers.net. > . 381415 IN NS a.root-servers.net. > . 381415 IN NS e.root-servers.net. > ;; Received 512 bytes from 203.188.201.230#53(203.188.201.230) in 0 ms > > tw. 172800 IN NS a.dns.tw. > tw. 172800 IN NS b.dns.tw. > tw. 172800 IN NS c.dns.tw. > tw. 172800 IN NS d.dns.tw. > tw. 172800 IN NS e.dns.tw. > tw. 172800 IN NS f.dns.tw. > tw. 172800 IN NS g.dns.tw. > tw. 172800 IN NS h.dns.tw. > tw. 172800 IN NS ns.twnic.net. > ;; Received 471 bytes from 193.0.14.129#53(k.root-servers.net) in 157 ms > > gov.tw. 86400 IN NS a.twnic.net.tw. > gov.tw. 86400 IN NS b.twnic.net.tw. > gov.tw. 86400 IN NS c.twnic.net.tw. > ;; Received 191 bytes from 220.229.225.195#53(g.dns.tw) in 5 ms > > epza.gov.tw. 43200 IN NS dns.epza.gov.tw. > ;; Received 63 bytes from 192.83.166.9#53(a.twnic.net.tw) in 1 ms > > ;; connection timed out; no servers could be reached > > But if I query any of [abc].twnic.net.tw. directly for the IP address of > dns.epza.gov.tw, I get an answer. Example: > > $ dig @a.twnic.net.tw. epza.gov.tw. mx > > ; <<>> DiG 9.7.3-P3 <<>> @a.twnic.net.tw. epza.gov.tw. mx > ; (2 servers found) > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32687 > ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 > ;; WARNING: recursion requested but not available > > ;; QUESTION SECTION: > ;epza.gov.tw. IN MX > > ;; AUTHORITY SECTION: > epza.gov.tw. 43200 IN NS dns.epza.gov.tw. > > ;; ADDITIONAL SECTION: > dns.epza.gov.tw. 43200 IN A 163.29.43.1 > > ;; Query time: 2 msec > ;; SERVER: 192.83.166.9#53(192.83.166.9) > ;; WHEN: Tue Aug 9 04:14:09 2011 > ;; MSG SIZE rcvd: 63 > > It appears to me that BIND is seeing this response, and then ignoring the IP > in the Additional section. > > Any idea why this might be happening? > > Mark Pettit > pet...@yahoo-inc.com > > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Jonathan French pikel....@gmail.com _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
