query id=1?
hennessy
hennessy at earl-grey.cloud9.net
Tue Mar 2 19:53:53 UTC 2004
Hi,
I'm trying to find out why certain clients (dnstest.com for
example) are having difficulty receiving results from my company's public
nameservers. Most users have no problems, and whois all seems to work,
but for one client they are reporting difficulties, and dnstest.com is
giving NS fails for some reason. Here's my tcpdump:
(a number of successful accesses)
vnsc-bak.sys.gtei.net.domain: 24043+ PTR? 190.185.168.192.in-addr.arpa.
(46) (DF)
vnsc-bak.sys.gtei.net.domain: 21755+ PTR? 2.2.2.4.in-addr.arpa. (38)
(DF)
mail.tradeware.com.50659: 24043 NXDomain 0/1/0 (123) (DF)
mail.tradeware.com.50660: 21755 1/0/0 PTR[|domain] (DF)
ns1.tradeware.com.domain: 14225+ A? mail.tradeware.com. (36)
stage.prinsite.com.2276: 14225*- 1/3/3 A mail.tradeware.com (154) (DF)
(and where dnstest breaks down)
http://www.dnsreport.com/tools/dnsreport.ch?domain=tradeware.com
14:51:07.537286 test.dnsstuff.com.4706 > ns1.tradeware.com.domain: 1+
NS? tradeware.com. (31)
14:51:07.537614 test.dnsstuff.com.4707 > ns1.tradeware.com.domain: 1+
TXT CHAOS)? version.bind. (30)
14:51:07.537964 test.dnsstuff.com.4708 > ns1.tradeware.com.domain: 1+
SOA? tradeware.com. (31)
14:51:07.538314 test.dnsstuff.com.4709 > ns1.tradeware.com.domain: 1+
MX? tradeware.com. (31)
14:51:07.538980 test.dnsstuff.com.4710 > ns1.tradeware.com.domain: 1+ A?
www.tradeware.com. (35)
14:51:07.539337 test.dnsstuff.com.4711 > ns1.tradeware.com.domain: 1+
CNAME? tradeware.com. (31)
14:51:07.540195 test.dnsstuff.com.4712 > ns1.tradeware.com.domain: 1+
CNAME? ns1.tradeware.com. (35)
14:51:07.549202 test.dnsstuff.com.4720 > mail.tradeware.com.domain: 1+
NS? tradeware.com. (31)
14:51:07.549536 test.dnsstuff.com.4721 > mail.tradeware.com.domain: 1+
TXT CHAOS)? version.bind. (30)
14:51:07.551350 test.dnsstuff.com.4722 > mail.tradeware.com.domain: 1+
SOA? tradeware.com. (31)
14:51:07.552556 test.dnsstuff.com.4723 > mail.tradeware.com.domain: 1+
MX? tradeware.com. (31)
14:51:07.553210 test.dnsstuff.com.4724 > mail.tradeware.com.domain: 1+
A? www.tradeware.com. (35)
14:51:07.553563 test.dnsstuff.com.4725 > mail.tradeware.com.domain: 1+
CNAME? tradeware.com. (31)
14:51:07.555827 test.dnsstuff.com.4726 > mail.tradeware.com.domain: 1+
CNAME? ns3.tradeware.com. (35)
So is test.dnsstuff.com setting its query id to 1 for a
particular reason (can clients set their own query id)? Is there an
issue with BIND that prohibits or chokes on a query id of 1? Apparently
one of our clients uses a mail provider that runs Exchange on the
Internet, who's having similar failures to resolve our IPs. Is there
something I'm missing in my BIND config that other BINDs silently ignore?
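An added example (not part of the original post): a small Python check that pairs queries with replies in tcpdump text output of the kind shown above and lists the queries that never got an answer. Because every test.dnsstuff.com query carries id 1, the pairing keys on the client host.port as well as the id. The sample capture is constructed, its reply line is invented for illustration, and the function and pattern names are hypothetical.

```python
import re

# Constructed sample in the tcpdump text format from the post.
# The last line (a reply from ns1) is invented for illustration.
SAMPLE = """\
14:51:07.537286 test.dnsstuff.com.4706 > ns1.tradeware.com.domain: 1+ NS? tradeware.com. (31)
14:51:07.537614 test.dnsstuff.com.4707 > ns1.tradeware.com.domain: 1+ TXT CHAOS)? version.bind. (30)
14:51:07.537964 test.dnsstuff.com.4708 > ns1.tradeware.com.domain: 1+ SOA? tradeware.com. (31)
14:51:07.538501 ns1.tradeware.com.domain > test.dnsstuff.com.4708: 1*- 1/3/3 SOA (154) (DF)
"""

# timestamp, source, destination, query id, tcpdump flag characters, remainder
LINE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) > (?P<dst>\S+): "
    r"(?P<id>\d+)(?P<flags>[+*\-|$%]*) (?P<rest>.*)$"
)
# Replies carry answer/authority/additional counts such as 1/3/3.
COUNTS = re.compile(r"\b\d+/\d+/\d+\b")


def unanswered(capture):
    """Return (client, server, query_id, question) for queries with no reply."""
    pending = {}
    for line in capture.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # wrapped or unrelated line
        src, dst, qid, rest = m["src"], m["dst"], int(m["id"]), m["rest"]
        if COUNTS.search(rest):
            # Reply: the server is the source, the client the destination.
            pending.pop((dst, src, qid), None)
        elif "? " in rest:
            # Query: remember it until a matching reply shows up.
            pending[(src, dst, qid)] = rest
    return [(c, s, q, r) for (c, s, q), r in pending.items()]


if __name__ == "__main__":
    for client, server, qid, question in unanswered(SAMPLE):
        print(f"no reply seen: {client} -> {server} id={qid} {question}")
```

The capture has to be joined back to one packet per line first, since the mail client wrapped the lines in the post.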