Strange DNS resolving behavior

John Manly jwmanly at amherst.edu
Wed Apr 21 14:31:47 UTC 2004 

Greetings, all.  I'm experiencing a strange problem with DNS resolving
that I'm hoping someone can shed some light on.  A vendor that we work
with has set up a DNS name in their domain,
"amherst.publishingconcepts.com" as an A record with an IP address of
12.156.3.83.  However, my site's DNS servers (and one other ISP's DNS
servers that I can find) for some reason cannot resolve this address.
But every other DNS server that I've tried querying can resolve the
address.  Further, the problem appears to be specific to this particular
name -- other A records in the same domain (such as
www.publishingconcepts.com or tigernet.publishingconcepts.com) resolve
properly.  I have no idea where to start looking for a solution (or even
an explanation of this.)

Below are the results of some of my NSLOOKUP attempts to my own
nameserver, as well as those of Genuity/Level3 (the other set of DNS
servers that appear to be unable to resolve the name), and then a bunch
from DNS servers that appear to work properly.

First, here are three tests against my own name server.  The problematic
name produces a timeout, but another name within the same domain that I
know is valid works properly, and an attempt to translate a name that I
know doesn't exist gives the expected error result (but not a timeout).


$ nslookup -q=3DA amherst.publishingconcepts.com 148.85.1.1  # My
nameserver
;; connection timed out; no servers could be reached       # Timeout
response


$ nslookup -q=3DA www.publishingconcepts.com 148.85.1.1      # My
nameserver, trying another name
Server:         148.85.1.1
Address:        148.85.1.1#53
Non-authoritative answer:
Name:   www.publishingconcepts.com=20
Address: 12.156.3.116                                      # Looks like
it worked properly


$ nslookup -q=3DA foo.publishingconcepts.com 148.85.1.1      # My
nameserver, a name I know doesn't exist
Server:         148.85.1.1
Address:        148.85.1.1#53
** server can't find foo.publishingconcepts.com: NXDOMAIN  # The
expected error, not a timeout


Next, here are a series of NSLOOKUPs of the problematic name against a
series of other name servers, all of which appear to work fine:


$ nslookup amherst.publishingconcepts.com 138.110.1.1      # Mount
Holyoke College
Server:         138.110.1.1
Address:        138.110.1.1#53
Non-authoritative answer:
Name:   amherst.publishingconcepts.com
Address: 12.156.3.83    # <------------------------------- Correct
answer


$ nslookup amherst.publishingconcepts.com 128.119.166.8    # University
of Mass
Server:         128.119.166.8
Address:        128.119.166.8#53
Non-authoritative answer:
Name:   amherst.publishingconcepts.com
Address: 12.156.3.83    # <------------------------------- Correct
answer


$ nslookup amherst.publishingconcepts.com 151.202.0.68     # Verizon New
York DNS
Server:         151.202.0.68
Address:        151.202.0.68#53
Non-authoritative answer:
Name:   amherst.publishingconcepts.com
Address: 12.156.3.83    # <------------------------------- Correct
answer


$ nslookup amherst.publishingconcepts.com 199.45.45.14     # Verizon
Washington DC DNS
Server:         199.45.45.14
Address:        199.45.45.14#53
Non-authoritative answer:
Name:   amherst.publishingconcepts.com
Address: 12.156.3.83    # <------------------------------- Correct
answer


$ nslookup amherst.publishingconcepts.com 192.9.9.3        # Sun
Microsystems
Server:         192.9.9.3
Address:        192.9.9.3#53
Non-authoritative answer:
Name:   amherst.publishingconcepts.com
Address: 12.156.3.83    # <------------------------------- Correct
answer


$ nslookup amherst.publishingconcepts.com 207.217.126.41   # Earthlink
Server:         207.217.126.41
Address:        207.217.126.41#53
Non-authoritative answer:
Name:   amherst.publishingconcepts.com
Address: 12.156.3.83    # <------------------------------- Correct
answer


Finally, I ask Genuity/Level3's name servers.  Genuity/Level3 acts
provides secondary name service for our domains.  In one case it reports
the domain or name isn't valid, and in another it times out just like my
own nameserver does. But again, when I look up a name within the
publishingconcepts.com domain that I know doesn't exist, I get a
different kind of error (the expected error) back:


$ nslookup amherst.publishingconcepts.com 4.2.49.3         #
Genuity/Level3
Server:         4.2.49.3
Address:        4.2.49.3#53
Non-authoritative answer:
*** Can't find amherst.publishingconcepts.com: No answer   # WRONG ANSER


$ nslookup -q=3DA amherst.publishingconcepts.com 4.2.2.1     # Another
Genuity/Level3 server
;; connection timed out; no servers could be reached       # No answer
at all (timeout)


$ nslookup -q=3DA foo.publishingconcepts.com 4.2.2.1         #
Genuity/Level3 ISP DNS server
Server:         4.2.2.1
Address:        4.2.2.1#53
** server can't find foo.publishingconcepts.com: NXDOMAIN  # NXDOMAIN
(no such name)

So, I'm completely stumped as to what is going on here.  Somehow this
particular name "amherst.publishingconcepts.com" is not resolving via
some DNS servers, specifically mine. But other names in the
publishingconcepts.com domain are resolving properly, and the error that
the above DNS name yields is different from the name simply being
missing.

Any light that anyone can shed, or directions that anyone can sugggest
for further debugging/troubleshooting/investigation on this issue would
be most helpful.

-- John W. Manly  <jwmanly at amherst.edu>
   Systems and Networking, Amherst College

More information about the bind-users mailing list