some DNS servers return IP, some return list of root servers...why?

Barry Margolin barmar at genuity.net
Wed Jun 28 22:19:45 UTC 2000


In article <cvs65.181$4h2.45957 at news.dbn.net>,
Chris Weiss <chrisweiss at wilsonmfg.com> wrote:
>
>"Barry Margolin" <barmar at genuity.net> wrote in message
>news:QJq65.89$MK2.1998 at burlma1-snr2...
>> In article <9xo65.178$4h2.45605 at news.dbn.net>,
>> Chris Weiss <chrisweiss at wilsonmfg.com> wrote:
>> 151.164.1.1 (ns1.swbell.net) has recursion disabled; you can tell this
>> because the "flags" section of the response doesn't include "ra".  It's
>not
>> intended to be used by resolvers, it's just for answering queries about
>the
>> domains that swbell.net hosts.
>> If the people who can't send you mail have 151.164.1.1 in their resolver
>> configuration, they're misconfigured.
>
>that interesting...because that was just one example.  There are many other
>people that have the same problem, but only to us.  Besides, it's the mail
>servers that can't resolve so if this were really the case then these people
>would not be able to send to anyone outside their comapany.  Any other
>guesses or am I way off on the way I see this?

OK, I've looked at the wilsonmfg.com domain, and it has some problems of
its own.

According to the InterNIC registration, the nameservers for this domain are
ns1.pnix.net and ns2.pnix.net.  But in the domain itself, the only NS
record it has is:

wilsonmfg.com.		10h40m IN NS	ns.wilsonmfg.com.

Records that come from the authoritative server are considered more
credible than those that come from the parent domain, so this NS record
ends up replacing the NS records listing the pnix.net servers in caches.
If your nameserver then stops responding, they won't use the pnix.net
servers as backups.

The other problem with this NS record is that there's no glue record in the
parent domain.  So if the A record for ns.wilsonmfg.com times out of a
server's cache, it will just have an NS record pointing to a hostname that
it can't resolve.  Since the hostname is in the domain that it serves,
there's no way for it to fix it (to get the server's address it would have
to ask that server, but to do that it needs to know its address).

You need to add:

wilsonmfg.com.  IN NS  ns1.pnix.net.
wilsonmfg.com.  IN NS  ns2.pnix.net.

to your domain.

It's not related to your problem, but your MX records are also wrong.  You
have:

wilsonmfg.com.		10h40m IN MX	10 mail.wilsonmfg.com.
wilsonmfg.com.		10h40m IN MX	20 216.178.151.43.

The first one is fine, but the second one is no good.  MX records have to
point to hostnames, not IP addresses.  You need to do something like:

mail2.wilsonmfg.com.  IN A  216.178.151.43
wilsonmfg.com.        IN MX 20 mail2.wilsonmfg.com.

-- 
Barry Margolin, barmar at genuity.net
Genuity, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.



More information about the bind-users mailing list