BIND 8.3.3 weird behaviour

David Botham dns at botham.net
Mon Sep 23 18:34:31 UTC 2002




> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
> Behalf Of Original Rudebwoy
> Sent: Monday, September 23, 2002 2:12 PM
> To: comp-protocols-dns-bind at isc.org
> Subject: BIND 8.3.3 weird behaviour
> 
> 
> I'm running BIND 8.3.3 on Solaris 8, I'm getting strange results for
> one domain that we try to send mail to. When I do a "dig
> mail.jp-group.com" the first time I get an authoritative answer shown
> in Example 1. But if I issue the same command above, after issuing a
> "dig mx jp-group.com"  I end up with non-authoritative resopne which
> includes a CNAME record which points to jp-group.com as shown in
> Example 2. What is weird about this, is that there is no CNAME records
> for mail.jp-group.com according to the authoritative server
> ns1.netnation.com as shown in Example 3.


Notice that there *is* a cname for this data maintained at the source.

dig mail.jp-group.com @NS1.NETNATION.com cname

; <<>> DiG 8.3 <<>> mail.jp-group.com @NS1.NETNATION.com cname 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;;      mail.jp-group.com, type = CNAME, class = IN

;; ANSWER SECTION:
mail.jp-group.com.      1H IN CNAME     jp-group.com.

;; Total query time: 190 msec
;; FROM: nsca1 to SERVER: NS1.NETNATION.com  204.174.223.1
;; WHEN: Tue Feb 11 20:30:23 2003
;; MSG SIZE  sent: 35  rcvd: 49

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+

dig mail.jp-group.com @NS2.NETNATION.com cname

; <<>> DiG 8.3 <<>> mail.jp-group.com @NS2.NETNATION.com cname 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUERY SECTION:
;;      mail.jp-group.com, type = CNAME, class = IN

;; ANSWER SECTION:
mail.jp-group.com.      59m40s IN CNAME  jp-group.com.

;; AUTHORITY SECTION:
jp-group.com.           1d23h59m40s IN NS  NS1.NETNATION.com.
jp-group.com.           1d23h59m40s IN NS  NS2.NETNATION.com.

;; ADDITIONAL SECTION:
NS1.NETNATION.com.      6d23h11m15s IN A  204.174.223.1
NS2.NETNATION.com.      4d23h11m14s IN A  204.174.223.31

;; Total query time: 82 msec
;; FROM: nsca1 to SERVER: NS2.NETNATION.com  204.174.223.31
;; WHEN: Tue Feb 11 20:28:27 2003
;; MSG SIZE  sent: 35  rcvd: 127

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

I think the domain admin should fix this problem.  They should be
getting a "CNAME and Other Data" error when they load the zone.
However, I do not think they are running BIND and I am not sure what the
PowerDNS will do with this type of mis-configuration.

Dave...



> 
> The reason I need to resolve this, is because when sending mail to
> user at jp-group.com I'm connecting to 204.174.223.17 which doesnt accept
> mail for that domain rather than 209.17.183.209 which does accept mail
> for jp-group.com.
> 
> Any help would be appreciated, otherwise my only fix is to create the
> zone jp-group on my DNS server.
> 
> 
> 
> 
> Example 1
> # dig mail.jp-group.com
> 
> ; <<>> DiG 8.3 <<>> mail.jp-group.com
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL:
> 0
> ;; QUERY SECTION:
> ;;      mail.jp-group.com, type = A, class = IN
> 
> ;; ANSWER SECTION:
> mail.jp-group.com.      1H IN A         209.17.183.209
> 
> ;; Total query time: 66 msec
> ;; FROM: hostA to SERVER: default -- 127.0.0.1
> ;; WHEN: Mon Sep 23 10:19:02 2002
> ;; MSG SIZE  sent: 35  rcvd: 51
> 
> ******************************************
> 
> Example 2
> 
> # dig mail.jp-group.com
> 
> ; <<>> DiG 8.3 <<>> mail.jp-group.com
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 2
> ;; QUERY SECTION:
> ;;      mail.jp-group.com, type = A, class = IN
> 
> ;; ANSWER SECTION:
> mail.jp-group.com.      54m1s IN A      209.17.183.209
> mail.jp-group.com.      59m33s IN CNAME  jp-group.com.
> jp-group.com.           53m14s IN A     204.174.223.17
> 
> ;; AUTHORITY SECTION:
> jp-group.com.           3h16m44s IN NS  ns2.netnation.com.
> jp-group.com.           3h16m44s IN NS  ns1.netnation.com.
> 
> ;; ADDITIONAL SECTION:
> ns2.netnation.com.      12h3m22s IN A   204.174.223.31
> ns1.netnation.com.      12h3m22s IN A   204.174.223.1
> 
> ;; Total query time: 4 msec
> ;; FROM: hostA to SERVER: default -- 127.0.0.1
> ;; WHEN: Mon Sep 23 10:25:01 2002
> ;; MSG SIZE  sent: 35  rcvd: 159
> 
> ***************************************
> 
> Example 3
> 
> # dig @ns1.netnation.com any mail.jp-group.com
> 
> ; <<>> DiG 8.3 <<>> @ns1.netnation.com any mail.jp-group.com
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> ;; QUERY SECTION:
> ;;      mail.jp-group.com, type = ANY, class = IN
> 
> ;; ANSWER SECTION:
> mail.jp-group.com.      1H IN A         209.17.183.209
> 
> ;; Total query time: 68 msec
> ;; FROM: hostA to SERVER: ns1.netnation.com  204.174.223.1
> ;; WHEN: Mon Sep 23 13:50:01 2002
> ;; MSG SIZE  sent: 35  rcvd: 51



More information about the bind-users mailing list