name resolution issue

aottl at mpmail.net aottl at mpmail.net
Fri Jan 5 07:41:35 UTC 2001 

Barry Margolin wrote:
> 
> In article <9329ja$1ip at pub3.rc.vix.com>,
> Hildreth, John W. <John.Hildreth at allegiancetelecom.com> wrote:
> >
> >have you registered your anmeserver with network solutions?
> >It must be registered with them or another domain name provider for the rest
> >of the net to know about it.
> >(in fact last time I tried to register a domain with a nameserver that wasnt
> >a registered internet name server, the domain name was
> >delayed until I fixed it by registering my nameserver)
> 
> He did (you could have told this yourself with a simple WHOIS query),
> although in this case it shouldn't matter.  Since the nameserver isn't in
> the domain being delegated, glue isn't needed.
> 
> >On Thursday, January 04, 2001 10:01 AM, zerodivide1101 at my-deja.com
> >[SMTP:zerodivide1101 at my-deja.com] wrote:
> >> I've looked everywhere I can think of for an
> >> answer to this question, but no
> >> luck.
> >>
> >> I'm trying to host DNS for a friend's domain on
> >> my Linux box/cable modem.
> >>
> >> There is an A record that points the name
> >> "ns.zerodivide.cx" to my IP
> >> address, and this is the name that my friend used
> >> when he delegated his
> >> domain.
> >>
> >> Some name servers have no problem whatsoever
> >> doing the lookup.  Others, for
> >> example shore.net's and earthlink.net's,
> >> generally can't.  The odd thing
> >> about it is what happens in the copied and pasted
> >> nslookup results below.
> 
> All the delegation and server configurations for theycomeoutatnight.com and
> zerodivide.cx seem to be OK.  I think what may be going on is that
> answering this query requires talking to lots of different nameservers, and
> the query is timing out.
> 
> Let's assume that the only thing in the nameserver's cache is the root NS
> records and the delegation records for the GTLDs.  It has to go through the
> following queries:
> 
> Ask a COM server for www.theycomeoutatnight.com.  It returns a referral to
> ns.zerodivide.cx.  Since the nameserver isn't in the same domain, and the
> root server doesn't have ns.zerodivide.cx in its cache, no glue record is
> included in the response.
> 
> Ask a root server for ns.zerodivide.cx.  It returns a referral to the
> servers for the CX TLD, and includes glue records for all of them.  I
> deliberately assumed above that only the GTLD delegations are in the
> nameserver's cache, since there's a pretty good chance than an obscure
> country domain (Christmas Island?) won't be cached.  I'm not exactly sure
> why these glue records are all being included -- maybe there's a special
> hack for TLD glue records.
> 
> Ask one of the CX servers for ns.zerodivide.cx.  It returns a referral to
> zerodivide.ne.mediaone.net.  This probably won't include the glue record
> (some of the CX servers have recursion enabled, and it appears that people
> investigating your problem may have caused the A record to be cached, but
> ne.mediaone.net TTLs are only 30 minutes so they'll time out soon).
> 
> Ask one of the NET servers for zerodivide.ne.mediaone.net.  It will returne
> a referral to the mediaone.net servers.
> 
> Ask one of the mediaone.net servers for zerodivide.ne.mediaone.net.  2 out
> of the 3 mediaone.net servers also happen to be servers for the
> ne.mediaone.net subdomain, so you have a 67% probability of getting the
> answer, and a 33% probability of getting a referral to the ne.mediaone.net
> servers.
> 
> In that 33% case, you ask one of the ne.mediaone.net servers for
> zerodivide.ne.mediaone.net.  It gives you the answer.
> 
> Now you can finally ask zerodivide.ne.mediaone.net for
> www.theycomeoutatnight.com.
> 
> The next time you try it, most of these answers are in your server's cache,
> so it can skip many of the steps and get the answer quickly.
> 

Are you sure that BIND will by design go through that chain of queries?
There's even a chance of forming a loop like delegating aaa.com to
ns.bbb.de and delegating bbb.de to ns.aaa.com. What would BIND do in
that case? There must be some limit on hunting for glue records, right?
Another example that doesn't resolve because of a similar set of
glueless delegations is www.monty.de. But maybe I'm on the wrong track
with that. Check it out, just for laughs. I recently had to explain to
customers that no it's not our fault that our name servers can't resolve
that name.
And by the way, no it doesn't work on the second try or the third or ...
unless you hit a caching name server by chance and TLD name servers
usually aren't.


> --
> Barry Margolin, barmar at genuity.net
> Genuity, Burlington, MA
> *** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
> Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.

-- 
Alexander Ottl
Media Professionals AG           Tel.: +49 (89) 51554-169
Bayerstrasse 21                  Fax : +49 (89) 51554-199
D-80335 Muenchen - Germany       http://www.media-professionals.de

More information about the bind-users mailing list