DNS problem with symantec.com
Jim McCullars
jim at info2.uah.edu
Tue Mar 23 16:19:24 UTC 2004
Simon Waters (Simon at wretched.demon.co.uk) wrote:
: Next time try "dig @problem?serverip enterprisesecurity.symantec.com" if
: it gives the right answer it is probably a client problem.
Hi, thanks for the reply. I tried running dig from our main campus
DNS (uahis1.uah.edu, or 146.229.1.2) and got basically the same result.
If I run it with no option, it times out. If I specifically look for the
CNAME, it finds it, then subsequent lookups for the A record work fine:
# dig enterprisesecurity.symantec.com
; <<>> DiG 8.3 <<>> enterprisesecurity.symantec.com
;; res options: init recurs defnam dnsrch
;; res_nsend to server default -- 146.229.1.2: Connection timed out
#
Now look for the CNAME...
# dig enterprisesecurity.symantec.com cname
; <<>> DiG 8.3 <<>> enterprisesecurity.symantec.com cname
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; QUERY SECTION:
;; enterprisesecurity.symantec.com, type = CNAME, class = IN
;; ANSWER SECTION:
enterprisesecurity.symantec.com. 15M IN CNAME enterprisesecurity.production.ma.circleonline.net.
;; AUTHORITY SECTION:
symantec.com. 5h31m49s IN NS ns3.symantec.com.
symantec.com. 5h31m49s IN NS ns4.symantec.com.
symantec.com. 5h31m49s IN NS ns1.symantec.com.
symantec.com. 5h31m49s IN NS ns2.symantec.com.
;; ADDITIONAL SECTION:
ns3.symantec.com. 6h47m5s IN A 206.204.212.86
ns4.symantec.com. 6h47m5s IN A 206.204.52.11
ns1.symantec.com. 6h47m5s IN A 198.6.49.5
ns2.symantec.com. 6h47m5s IN A 198.6.49.111
;; Total query time: 132 msec
;; FROM: uahis1.uah.edu to SERVER: default -- 146.229.1.2
;; WHEN: Tue Mar 23 10:07:53 2004
;; MSG SIZE sent: 49 rcvd: 279
And once I have "primed the pump", so to speak, it works:
# dig enterprisesecurity.symantec.com
; <<>> DiG 8.3 <<>> enterprisesecurity.symantec.com
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 13, ADDITIONAL: 10
;; QUERY SECTION:
;; enterprisesecurity.symantec.com, type = A, class = IN
;; ANSWER SECTION:
enterprisesecurity.symantec.com. 14m14s IN CNAME enterprisesecurity.production.ma.circleonline.net.
enterprisesecurity.production.ma.circleonline.net. 31m33s IN A 64.55.213.14
;; AUTHORITY SECTION:
net. 8h18m8s IN NS l.gtld-servers.net.
net. 8h18m8s IN NS h.gtld-servers.net.
net. 8h18m8s IN NS e.gtld-servers.net.
net. 8h18m8s IN NS i.gtld-servers.net.
net. 8h18m8s IN NS m.gtld-servers.net.
net. 8h18m8s IN NS g.gtld-servers.net.
net. 8h18m8s IN NS f.gtld-servers.net.
net. 8h18m8s IN NS c.gtld-servers.net.
net. 8h18m8s IN NS k.gtld-servers.net.
net. 8h18m8s IN NS b.gtld-servers.net.
net. 8h18m8s IN NS j.gtld-servers.net.
net. 8h18m8s IN NS d.gtld-servers.net.
net. 8h18m8s IN NS a.gtld-servers.net.
;; ADDITIONAL SECTION:
l.gtld-servers.net. 1d21h5m51s IN A 192.41.162.30
h.gtld-servers.net. 1d21h5m51s IN A 192.54.112.30
e.gtld-servers.net. 1d21h5m51s IN A 192.12.94.30
i.gtld-servers.net. 1d21h5m51s IN A 192.43.172.30
m.gtld-servers.net. 1d21h5m51s IN A 192.55.83.30
g.gtld-servers.net. 1d21h5m51s IN A 192.42.93.30
f.gtld-servers.net. 1d21h5m51s IN A 192.35.51.30
c.gtld-servers.net. 1d21h5m51s IN A 192.26.92.30
k.gtld-servers.net. 1d21h5m51s IN A 192.52.178.30
b.gtld-servers.net. 1d21h5m51s IN A 192.33.14.30
;; Total query time: 22 msec
;; FROM: uahis1.uah.edu to SERVER: default -- 146.229.1.2
;; WHEN: Tue Mar 23 10:08:39 2004
;; MSG SIZE sent: 49 rcvd: 509
So this appears to be a BIND issue. Is this a known problem, or could
it be a config problem? Thanks...
Jim McCullars
University of Alabama in Huntsville
More information about the bind-users
mailing list