Found mx / A record problem but how do i fix it?

Kevin Darcy kcd at daimlerchrysler.com
Sat May 19 01:39:41 UTC 2001


I think you're misinterpreting the cache dump. What it's saying is that
fw-es05.HAC.com.mydom.ain doesn't exist. That's *true*, isn't it? The reason
you're even getting these "negative caching" entries is probably because some
resolver is implementing a "search" algorithm, i.e. fw-es05.HAC.com didn't
resolve, so tack on the local domain (mydom.ain) and try it as
fw-es05.HAC.com.mydom.ain.

Note, however, that this negative cache entry would in no way *displace* an
existing cache entry for fw-es05.mydom.ain, since it's a different name.


- Kevin

King, John (Greg) (OAO-HOU) wrote:

> >From the cache these 2 addresses are the MX entries that dissapeared once
> cached. For some reason the HAC.com domain is being shoved into mine so when
> i try and do subsequent lookups the A records will never resolve and
> therefore go away.
>
> Now, how do I fix it? Or whats causing it?
>
> $ORIGIN HAC.com.mydom.ain.
> ;fw-es05        7418    IN      SOA     ns1.mydom.ain.
> dns.support.mydom.ain. (
> ;               2001051501 10800 1200 3600000 14400 );mydom.ain.;NXDOMAIN
> ;-$     ;Cr=auth [x.x.x.x]
> ;fw-es09        7391    IN      SOA     ns1.mydom.ain.
> dns.support.mydom.ain. (
> ;               2001051501 10800 1200 3600000 14400 );mydom.ain.;NXDOMAIN
> ;-$     ;Cr=auth [x.x.x.x]
>
> Thanks
> greg "Going bonkers over DNS" king
>
> -----Original Message-----
> From: Bill Larson [mailto:wllarso at swcp.com]
> Sent: Thursday, May 17, 2001 12:28 PM
> To: King, John (Greg) (OAO-HOU)
> Subject: Re: need help figuring this MX /A record query problem out
> *sigh*
>
> You need to allow TCP/port53 traffic through the firewall.  Some DNS
> queries, and all zone transfers, use TCP rather than UDP.  Without
> TCP, you may be missing DNS access in certain situations.
>
> Bill Larson
>
> > but i just thought of something and need to know if this could in any way
> > affect it. The firewall people blocked inbound TCP 53 completely. Only
> > allowing 53 UDP in.  Im am now at the point of trying to pull anything out
> > of thin air since as of yet no explanation and solution has been found for
> > this annoying problem and I cant prove its at HSC.com. I know understand
> the
> > earlier comments about running a cacheing and auth server which unconfused
> > the confusion on that issue but in our case performance aint a prob and
> > running both a cacheing and auth config of BIND has never hurt us before.





More information about the bind-users mailing list