My ISP's nameserver confuses the resolver in glibc 2.3.2 and BIND 9.2.1

david houlder david.houlder at
Thu Jan 1 12:05:04 UTC 2004

I've been seeing some DNS lookup failures on my redhat 9 box.
They are accomapnied by this in /var/log/messages:

Jan  1 22:29:11 localhost mozilla-bin: gethostby*.getanswer: asked for
"", got ""

A little experimentation with dig reveals that all the info is being
returned, only the A record arrives first, followed by the CNAME:

[david at localhost david]$ dig
; <<>> DiG 9.2.1 <<>>
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60725
;; flags: rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;             IN      A
;; ANSWER SECTION:  57      IN      A      2278    IN      CNAME
;; Query time: 336 msec
;; WHEN: Thu Jan  1 22:42:25 2004
;; MSG SIZE  rcvd: 86

Running 'tcpdump -n -vvv -s 128' during the dig confirms this.

I thought I'd get around this by setting up a forward-only caching
nameserver, figuring that it might be able to put the records back
into the 'correct' order before handing them back to gethostbyname(),
but, no, BIND seems to be just as confused. The tcpdump of BIND on
localhost forwarding a query shows this...

[root at localhost david]# tcpdump -n -vvv -s 128
tcpdump: listening on ppp0
22:07:04.433985 > [udp sum
ok]  55260
+ [1au] A? ar: . OPT UDPsize=2048 (45) (DF) (ttl 64,
id 0, len
22:07:04.607987 > [udp sum
ok]  55260
+ [2a] [1au] A? A,
home.dodo.c CNAME ar: . OPT UDPsize=2048 (79) (DF) (ttl
60, id 0, le
n 107)
22:07:06.448558 > [udp sum
ok]  46546
+ [1au] A? ar: . OPT UDPsize=2048 (45) (DF) (ttl 64,
id 0, len
22:07:06.597993 > [udp sum
ok]  46546
+ [2a] [1au] A? A,
home.dodo.c CNAME ar: . OPT UDPsize=2048 (79) (DF) (ttl
60, id 0, le
n 107)

...and so on. i.e. it asks (in this case) for, the
answer comes back with the A record for, followed by
the CNAME for BIND rerties this a few times and
gives up.

So, my questions are:

What (if anything) is my ISP doing wrong? The response from their tech
support is that their nameserevr is OK.

Why is the resolver so picky? Seems as though both the CNAME and A
record are being returned, its just that the CNAME arrives first.

Oh, and I can't use some other namersever because they have blocked
UDP port 53 as far as I can tell. Note that many hosts resolve just
fine (even CNAAMEs), its just a particular few, such as and that don't resolve.


[root at localhost david]# uname -a
Linux localhost.localdomain 2.4.20-20.9 #1 Mon Aug 18 11:27:43 EDT
2003 i686 athlon i386 GNU/Linux
[root at localhost david]# named -v
BIND 9.2.1
[root at localhost david]# rpm -q glibc

The nameserver in question is on 

David Houlder

More information about the bind-users mailing list