named quits resolving certain domains

Mike Miller mikem at ndtc.ndtel.com
Thu Jan 25 01:55:46 UTC 2001 

ok, I was watching the triton.net domain, and after my name server finally
did resolve it, about 45 mins later it could'nt find it again.  Is there
something with caching that I am missing?

Mike

On Wed, 24 Jan 2001, Kevin Darcy wrote:

> 
> Those off-site nameservers are probably getting occasional SERVFAILs as you are, but
> once they get a good answer, they cache it. Since they're probably being hit more often
> for those names than your servers, the answer is more likely to already be in their
> cache at any particular point in time.
> 
> Another factor is that named is somewhat adaptive -- for instance, it will, under some
> circumstances, mark another nameserver as "lame" and not use it for a while. So, even
> in the absence of a cached answer, a busier nameserver may have a better "track
> record" of other nameservers and therefore be better equipped to resolve a given query.
> 
> 
> - Kevin
> 
> Mike Miller wrote:
> 
> > so all of my problems seem to not be my problems??? I am just wondering
> > why off site name server will answer to some of these problem domains when
> > mine will not???
> >
> > On Wed, 24 Jan 2001, Kevin Darcy wrote:
> >
> > >
> > > ns1.triton.net answers non-authoritatively with a constant TTL, suggesting that it
> > > may be a master which is failing to load its master zone, probably due to a syntax
> > > error in the zone file.
> > >
> > > ns2.triton.net answers non-authoritatively with a declining TTL, suggesting that
> > > it is not functioning either as a master or a slave (possibly the zone expired).
> > >
> > >
> > > - Kevin
> > >
> > > Barry Margolin wrote:
> > >
> > > > In article <94mvbp$r4t at pub3.rc.vix.com>, mike miller  <mikem at ndtel.com> wrote:
> > > > >;; res_nmkquery(QUERY, triton.net, IN, A)
> > > > >------------
> > > > >Got answer:
> > > > >    HEADER:
> > > > >        opcode = QUERY, id = 41604, rcode = SERVFAIL
> > > > >        header flags:  response, want recursion, recursion avail.
> > > > >        questions = 1,  answers = 0,  authority records = 0,  additional
> > > > >= 0
> > > > >
> > > > >    QUESTIONS:
> > > > >        triton.net, type = A, class = IN
> > > > >
> > > > >------------
> > > > >;; res_nmkquery(QUERY, triton.net.stellarnet.com, IN, A)
> > > > >------------
> > > > >Got answer:
> > > > >    HEADER:
> > > > >        opcode = QUERY, id = 41605, rcode = NXDOMAIN
> > > > >        header flags:  response, auth. answer, want recursion, recursion
> > > > >avail.
> > > > >        questions = 1,  answers = 0,  authority records = 1,  additional
> > > > >= 0
> > > > >
> > > > >    QUESTIONS:
> > > > >        triton.net.stellarnet.com, type = A, class = IN
> > > > >    AUTHORITY RECORDS:
> > > > >    ->  stellarnet.com
> > > > >        ttl = 86400 (1D)
> > > > >        origin = ns.stellarnet.com
> > > > >        mail addr = hostmaster.stellarnet.com
> > > > >        serial = 199902043
> > > > >        refresh = 10800 (3H)
> > > > >        retry   = 3600 (1H)
> > > > >        expire  = 604800 (1W)
> > > > >        minimum ttl = 86400 (1D)
> > > > >
> > > > >------------
> > > > >*** ns1.stellarnet.com can't find triton.net: Non-existent host/domain
> > > > >
> > > > >Why does it say triton.net.stellarnet.com when its only triton.net.  I
> > > >
> > > > It first tried just triton.net and get a SERVFAIL error code.  When it
> > > > can't find a name as given, it then tries looking it up with the default
> > > > domain appended.
> > > >
> > > > >then did a dig on triton.net and it produced the following:
> > > > >[root at ns1 named]# dig triton.net
> > > > >
> > > > >; <<>> DiG 8.2 <<>> triton.net
> > > > >;; res options: init recurs defnam dnsrch
> > > > >;; got answer:
> > > > >;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
> > > > >;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
> > > > >;; QUERY SECTION:
> > > > >;;      triton.net, type = A, class = IN
> > > > >
> > > > >;; ANSWER SECTION:
> > > > >triton.net.             13h10m45s IN A  209.172.0.5
> > > > >
> > > > >;; AUTHORITY SECTION:
> > > > >triton.net.             1d20h57m7s IN NS  NS2.triton.net.
> > > > >triton.net.             1d20h57m7s IN NS  NS1.triton.net.
> > > > >
> > > > >;; ADDITIONAL SECTION:
> > > > >NS2.triton.net.         1d20h57m7s IN A  209.172.0.8
> > > > >NS1.triton.net.         1d20h57m7s IN A  209.172.0.5
> > > > >
> > > > >;; Total query time: 1 msec
> > > > >;; FROM: ns1.stellarnet.com to SERVER: default -- 205.198.5.2
> > > > >;; WHEN: Wed Jan 24 10:15:31 2001
> > > > >;; MSG SIZE  sent: 28  rcvd: 112
> > > > >
> > > > >Then I did another nslookup and it worked???
> > > > >very confusing??
> > > >
> > > > It looks like the problem is that ns2.triton.net is misconfigured, as it is
> > > > not authoritative for the triton.net domain.  So if your local server
> > > > happens to ask ns1, it will get an answer, but if it asks ns2 it may or may
> > > > not get an answer, depending on whether ns2 happens to have the answer
> > > > cached.  If the answer isn't cached it will return a SERVFAIL error code,
> > > > and your local server will return that to you.
> > > >
> > > > --
> > > > Barry Margolin, barmar at genuity.net
> > > > Genuity, Burlington, MA
> > > > *** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
> > > > Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
> > >
> > >
> > >
> > >
> > >
> 
> 
> 
> 
>

More information about the bind-users mailing list