MX records incomplete wierd error

[Jim Reid]

>>>>> "John" == King, John (Greg) (OAO-HOU) <jking at houston.oao.com> writes:

    John> I have been trying to find a cause for this and so far no
    John> luck. I am running the latest version of Bind 8 on a Sparc
    John> (Solaris 2.7) behind a firewall.

The MX records for hsc.com check out just fine. So the discrepancy --
if indeed there is one -- can be attributed to a configuration error
on one of the name servers. Or perhaps the A records for the MX
targets are just getting expired from the cache? If you'd used dig to
make the queries, we could have seen the actual answers from the
servers with their flags bits and TTLs. Are you using forwarding? If
so, this might explain why stuff vanishes from the cache so quickly.
Try dumping your server's cache and find out where it is getting its
information about hac.com from.

The NS records for hsc.com are a bit clumsy. This zone is served by
fw-es06.hac.com and fw-es10.hac.com. The hac.com zone is in turn
served by fw-he0{2,4}.hughes.com. This should get cleaned up: maybe
hsc.com and hac.com should be served by fw-he0{2,4}.hughes.com? I've
bcc'ed the admins of these zones, so maybe they'll chase this up.

BTW you should use a decent DNS lookup tool like dig, not the
disgusting abomination that is nslookup.

    John> I am getting queued mail to a specific site due what I
    John> believe is missing A records for some mail exchangers when a
    John> lookup occurs.

Well the A records certainly exist. Your server seems unable to find
them for some reason. Since you didn't show us the named.conf file of
that server, it's hard to say why that is. It could be something to do
with how that server has been configured or how it is allowed to make
queries through your firewall.