On Fri, 17 Feb 2006 22:24:29 -0800 Doug Barton <[EMAIL PROTECTED]>
wrote:
>[EMAIL PROTECTED] wrote:
>> Hello all!
>>
>> I am not sure if this is the right place to discuss this issue
>
>For future reference, the bind-users list at ISC is probably a better forum,
>but this is as good as any. :)
>
>> but I am
>> experiencing strange behaviour with bind9 + host command with some domains
>> that bind are _not_ authoritative
>
>I assume you mean domains for which you are not authoritative, in other
>words, domains you have no control over.
>
>> as the following example:
>>
>> # uname -a
>> FreeBSD server2.mydomain.com.br 5.4-RELEASE FreeBSD 5.4-RELEASE #0: Wed
>> Feb 1 22:18:04 BRST 2006
>> [EMAIL PROTECTED]:/usr/src/sys/i386/compile/SERVER2 i386
>>
>> # named -v
>> BIND 9.3.1
>
>When 5.5-RELEASE comes out (or better yet, 6.1-RELEASE) you should seriously
>consider upgrading. If you are doing anything mission critical that depends
>on DNS, BIND 9.3.2 is going to be an improvement for you.
>
>> # host cauexcnt001smtp.unibanco.com.br.
>> cauexcnt001smtp.unibanco.com.br has address 200.174.81.116
>> Host cauexcnt001smtp.unibanco.com.br not found: 2(SERVFAIL)
>
>The second line is caused because there is no AAAA record for that hostname,
>and by default host always queries for one. You can see that things are fine
>with the hostname itself by using 'host -t a', or by using dig as you did
>below. FYI, if you need to do any kind of serious DNS debugging, dig is
>always the best tool to use. The host command is best for simple lookups
>when you just need the answer.
>
>> That's the problem! host command replies with SERVFAIL. This also causes
>> sendmail to raise "host name lookup failure" and not deliver the messages.
>
>sendmail does not use the host command. The most likely cause for this
>failure is that the A record for cauexcnt001smtp.unibanco.com.br has a 0
>second TTL, which is not only stupid, it's extremely unfriendly. It's also
>possible that your system has IPv6 support enabled, but you don't have IPv6
>connectivity, and/or your sendmail is configured to use (or prefer) IPv6
>addresses. Also, if you have any input into the operation of this zone,
>suggest that they increase the TTL, and add an MX record for that hostname
>(even if it points to itself).
>
Another point to keep in mind is that sendmail requires authoritative
answers. It ignores non-authoritative responses.
Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet: bennett at cs.niu.edu *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good *
* objection to the introduction of that bane of all free governments *
* -- a standing army." *
* -- Gov. John Hancock, New York Journal, 28 January 1790 *
**********************************************************************
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
