[ale] named loosing a domain?

Robert L. Harris Robert.L.Harris at rnd-consulting.com
Mon Jun 26 16:52:37 EDT 2000 




Right.  This I have.  The problem is it happens constantly, and has been for a few
months now.  I can't see anything wrong with sunline.net and they claim there
is nothing wrong either.

Robert

Thus spake Joe Steele (joe at madewell.com):

> Try using "dig" (or else turn on debugging inside nslookup).  If bind is reporting a non-existent domain, then it should have an authority record identifying where the info came from.  For example, "dig ghost.bogusdomain.com" gives the following:
> 
> ; <<>> DiG 8.2 <<>> ghost.bogusdomain.com 
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> ;; QUERY SECTION:
> ;;      ghost.bogusdomain.com, type = A, class = IN
> 
> ;; AUTHORITY SECTION:
> COM.                    1D IN SOA       A.ROOT-SERVERS.NET. hostmaster.internic.NET. (
>                                         2000062600      ; serial
>                                         30M             ; refresh
>                                         15M             ; retry
>                                         1W              ; expiry
>                                         1D )            ; minimum
> 
> 
> ;; Total query time: 307 msec
> ;; FROM: lan2 to SERVER: default -- 192.168.2.1
> ;; WHEN: Mon Jun 26 15:50:20 2000
> ;; MSG SIZE  sent: 39  rcvd: 116
> 
> 
> Now if I repeat the command a second time, I get a slightly different result:
> 
> ; <<>> DiG 8.2 <<>> ghost.bogusdomain.com 
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> ;; QUERY SECTION:
> ;;      ghost.bogusdomain.com, type = A, class = IN
> 
> ;; AUTHORITY SECTION:
> COM.                    2h54m42s IN SOA  A.ROOT-SERVERS.NET. hostmaster.internic.NET. (
>                                         2000062600      ; serial
>                                         30M             ; refresh
>                                         15M             ; retry
>                                         1W              ; expiry
>                                         1D )            ; minimum
> 
> 
> ;; Total query time: 2 msec
> ;; FROM: lan2 to SERVER: default -- 192.168.2.1
> ;; WHEN: Mon Jun 26 15:55:37 2000
> ;; MSG SIZE  sent: 39  rcvd: 116
> 
> The difference is in the time-to-live value of the SOA record.  The first time, bind had to contact an authoritative server for  ".com" in order to get the NXDOMAIN response.  This negative response is then cached locally for a period of 3 hours (bind's default for such data).  When I repeat the query 5 min. 18 sec. later, I get the same response (this time retrieved from the local cache) with a time-to-live of 2h54m42s.  This can help you identify which level in the domain name is generating the error (".com" in this example).  It can also give you an idea of when the error occurred.
> 
> In your case, the error is probably short lived, but because it is being cached, the error is persistent until the cached data times out or until you clear the cache by restarting bind.
> 
> I had a similar thing happen to me recently, where the ".com" servers were saying that a domain of mine didn't exist.  I could tell from the locally cached data when the error had occurred, but by the time I started looking into the problem, everything was normal again (except for the bad data in my cache).
> 
> --Joe
> 
> 
> -----Original Message-----
> From:	Robert L. Harris [SMTP:Robert.L.Harris at rnd-consulting.com]
> Sent:	Monday, June 26, 2000 10:00 AM
> To:	Atlanta Linux Enthusiasts
> Subject:	[ale] named loosing a domain?
> 
> 
> 
> Ok,
>   I'm running a debian linux box with the latest packages (potato).  Every
> now and then I try to mail my father at sunline.net.  Sometimes I get an
> email 4hrs later it says it can't find the domain.  If I do an nslookup
> on "sunline.net" it says no such domain.  If I restart bind via rc script
> and do the lookup again it works great.  I dont seem to have problems with
> any other domains.
> 
>   Anyone have any theories?
> 
> Robert
> 
> 
> :wq!
> ---------------------------------------------------------------------------
> Robert L. Harris                |  Micros~1 :  
> Senior System Engineer          |    For when quality, reliability 
>   at RnD Consulting             |      and security just aren't
>                                 \_       that important!
> DISCLAIMER:
>       These are MY OPINIONS ALONE.  I speak for no-one else.
> FYI:
>  perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
> 
> --
> To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.



:wq!
---------------------------------------------------------------------------
Robert L. Harris                |  Micros~1 :  
Senior System Engineer          |    For when quality, reliability 
  at RnD Consulting             |      and security just aren't
                                \_       that important!
DISCLAIMER:
      These are MY OPINIONS ALONE.  I speak for no-one else.
FYI:
 perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'

--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.

More information about the Ale mailing list