Possible Lookup Problem

Mark Andrews Mark_Andrews at isc.org
Tue Nov 8 22:13:24 UTC 2005


> Hi,
> I've had some people come to me with concerns about our dns servers so
> I decided to start doing some digging.  Basically, when querying our
> servers for lets say the aol.com mx records, after the TTL expires my
> server stops showing the ip's of the mx records in the additional
> section  of the dig.  When I query other servers for the same
> information, they tend to update right away after the TTL expires.
> For example, after the 300 seconds expires for all of the mx records,
> here is what I get on a dig:
> 
> -----------------------------------------------------------------------------
> ------------------------------
> root at gtr2:/etc/namedbfiles/hint# dig aol.com mx
> 
> ; <<>> DiG 9.3.0 <<>> aol.com mx
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29109
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 4, ADDITIONAL: 0
> 
> ;; QUESTION SECTION:
> ;aol.com.                       IN      MX
> 
> ;; ANSWER SECTION:
> aol.com.                3231    IN      MX      15
> mailin-01.mx.aol.com.
> aol.com.                3231    IN      MX      15
> mailin-02.mx.aol.com.
> aol.com.                3231    IN      MX      15
> mailin-03.mx.aol.com.
> aol.com.                3231    IN      MX      15
> mailin-04.mx.aol.com.
> 
> ;; AUTHORITY SECTION:
> aol.com.                3231    IN      NS      dns-01.ns.aol.com.
> aol.com.                3231    IN      NS      dns-02.ns.aol.com.
> aol.com.                3231    IN      NS      dns-06.ns.aol.com.
> aol.com.                3231    IN      NS      dns-07.ns.aol.com.
> -----------------------------------------------------------------------------
> ------------------------------
> 
> 
> And continued digs show the same information.  After awhile, maybe 10
> minutes, I'll start getting the additional section containing the mx
> record ip address again.  But like I said, if I query other servers,
> after the TTL expires, the additional section lights back up with at
> least 1 of the expired servers.
> 
> Is this normal?  If not, what may be causing this problem?

	Yes this is normal and expected.  The additional records are
	only returned if the nameserver has them in its cache and of
	the right credability.

	Some nameservers fetch missing additional records others don't.
	This is a implementation choice.
 
> Thanks for any help.  I've never really needed to try to troubleshoot
> bind before, so I'm at a loss.
> 
> -Craig
> 
> 
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org



More information about the bind-users mailing list