why include an answer in the query?

Peter Dambier peter at peter-dambier.de
Wed Apr 19 17:52:56 UTC 2006


Kent Tong wrote:
> Hi,
> 
> We have a local DNS server that uses the ISP's DNS server 
> as a forwarder. Usually it is working fine. But recently 
> we find that it can't  resolve www.yahoo.com (but yahoo.com 
> is OK), because the ISP's DNS server is not responding to 
> the query on www.yahoo.com (but does respond to a queries 
> on yahoo.com). However, using the "host" command to query 
> the ISP's DNS server directly works fine for both domain
> names. So Yahoo is working and the ISP's DNS server is also 
> working fine.
> 
> Using tcpdump we find that if the query is for www.yahoo.com, 
> our local DNS server will include an answer in the query 
> to the ISP's DNS server (tcpdump shows the [1au] flag for 
> the DNS packet), while for yahoo.com it won't:
> 
> [root at cladmr003 root]# tcpdump -A -i eth2 port 53
> tcpdump: verbose output suppressed, use -v or -vv for full 
> protocol decode listening on eth2, link-type EN10MB (Ethernet), 
> capture size 96 bytes
> 14:54:55.723957 IP n8z108l98.broadband.ctm.net.1751 > 
> macau.ctm.net.domain: 34796+ [1au] A? www.yahoo.akadns.net. (49)
> 
> E..M.. at .@.5...lb.......5.9...............www.yahoo.akadns.net...
> ....)........
> 
> Do you think it is this answer that is causing the ISP's DNS 
> server to reject the query? If no, what else could be causing 
> this behavior?
> 
> Thanks!

I guess here is the fontain of all headaches:

; <<>> DiG 9.1.3 <<>> -t any www.yahoo.com @ns3.yahoo.com.
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48213
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 5

;; QUESTION SECTION:
;www.yahoo.com.                 IN      ANY

;; ANSWER SECTION:
www.yahoo.com.          300     IN      CNAME   www.yahoo.akadns.net.

;; AUTHORITY SECTION:
yahoo.com.              172800  IN      NS      ns1.yahoo.com.
yahoo.com.              172800  IN      NS      ns2.yahoo.com.
yahoo.com.              172800  IN      NS      ns3.yahoo.com.
yahoo.com.              172800  IN      NS      ns4.yahoo.com.
yahoo.com.              172800  IN      NS      ns5.yahoo.com.

;; ADDITIONAL SECTION:
ns1.yahoo.com.          172800  IN      A       66.218.71.63
ns2.yahoo.com.          172800  IN      A       66.163.169.170
ns3.yahoo.com.          172800  IN      A       217.12.4.104
ns4.yahoo.com.          172800  IN      A       63.250.206.138
ns5.yahoo.com.          172800  IN      A       216.109.116.17

;; Query time: 81 msec
;; SERVER: 217.12.4.104#53(ns3.yahoo.com.)
;; WHEN: Wed Apr 19 19:38:20 2006
;; MSG SIZE  rcvd: 235


; <<>> DiG 9.1.3 <<>> -t any www.yahoo.akadns.net @eur8.akadns.net.
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55465
;; flags: qr aa rd; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.yahoo.akadns.net.          IN      ANY

;; ANSWER SECTION:
www.yahoo.akadns.net.   60      IN      A       216.109.118.76
www.yahoo.akadns.net.   60      IN      A       216.109.118.77
www.yahoo.akadns.net.   60      IN      A       216.109.117.206
www.yahoo.akadns.net.   60      IN      A       216.109.118.66
www.yahoo.akadns.net.   60      IN      A       216.109.118.70
www.yahoo.akadns.net.   60      IN      A       216.109.117.207
www.yahoo.akadns.net.   60      IN      A       216.109.117.110
www.yahoo.akadns.net.   60      IN      A       216.109.117.109

;; Query time: 59 msec
;; SERVER: 62.4.69.96#53(eur8.akadns.net.)
;; WHEN: Wed Apr 19 19:42:04 2006
;; MSG SIZE  rcvd: 166


I wonder what that tabarnak CNAME is good for but wasting
resolver memory.

On the other hand I wonder - when you have your own resolver,
why do you wait for somebody else to fail? Why dont you trust
your own resolver and ask the root-servers directly?

I dont know how good your ISPs resolver is. Mine takes 2 seconds
for some queries longer. Since I ignored forwarders DNS has become
much faster and there are fewer things I dont find.


Regards
Peter and Karin


-- 
Peter and Karin Dambier
The Public-Root Consortium
Graeffstrasse 14
D-64646 Heppenheim
+49(6252)671-788 (Telekom)
+49(179)108-3978 (O2 Genion)
+49(6252)750-308 (VoIP: sipgate.de)
mail: peter at peter-dambier.de
mail: peter at echnaton.serveftp.com
http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/



More information about the bind-users mailing list