Werid mx queries to the vatician

Peter Dambier peter at peter-dambier.de
Thu Sep 7 21:18:22 UTC 2006


; <<>> DiG 9.4.0b1 <<>> -t any fabricsp.va
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9013
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 9, ADDITIONAL: 9

;; QUESTION SECTION:
;fabricsp.va.                   IN      ANY

;; ANSWER SECTION:
fabricsp.va.            86001   IN      MX      90 john.vatican.va.
fabricsp.va.            86001   IN      MX      10 lists.vatican.va.
fabricsp.va.            86001   IN      MX      20 paul.vatican.va.
fabricsp.va.            86001   IN      MX      50 proxy2.urbe.it.

;; AUTHORITY SECTION:
va.                     86001   IN      NS      osiris.namex.it.
va.                     86001   IN      NS      seth.namex.it.
va.                     86001   IN      NS      ext-dns-2.cern.ch.
va.                     86001   IN      NS      dns2.it.net.
va.                     86001   IN      NS      dns.nic.it.
va.                     86001   IN      NS      john.vatican.va.
va.                     86001   IN      NS      ns.ripe.net.
va.                     86001   IN      NS      michael.vatican.va.
va.                     86001   IN      NS      ns.urbe.it.

;; ADDITIONAL SECTION:
john.vatican.va.        86224   IN      A       212.77.0.110
ext-dns-2.cern.ch.      10624   IN      A       192.91.245.85
ns.ripe.net.            172624  IN      A       193.0.0.193
ns.urbe.it.             86227   IN      A       193.43.128.2
dns.nic.it.             86225   IN      A       193.205.245.5
dns2.it.net.            172625  IN      A       151.1.2.1
seth.namex.it.          86227   IN      A       193.201.40.7
seth.namex.it.          86227   IN      AAAA    2001:7f8:10:ff::7
osiris.namex.it.        86227   IN      A       193.201.40.6

;; Query time: 65 msec
;; SERVER: 192.168.48.227#53(192.168.48.227)
;; WHEN: Thu Sep  7 23:11:11 2006
;; MSG SIZE  rcvd: 486


; <<>> DiG 9.4.0b1 <<>> mx fabricsp.va
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14713
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 9, ADDITIONAL: 0

;; QUESTION SECTION:
;fabricsp.va.                   IN      MX

;; ANSWER SECTION:
fabricsp.va.            86400   IN      MX      10 lists.vatican.va.
fabricsp.va.            86400   IN      MX      20 paul.vatican.va.
fabricsp.va.            86400   IN      MX      50 proxy2.urbe.it.
fabricsp.va.            86400   IN      MX      90 john.vatican.va.

;; AUTHORITY SECTION:
va.                     86400   IN      NS      john.vatican.va.
va.                     86400   IN      NS      ext-dns-2.cern.ch.
va.                     86400   IN      NS      dns.nic.it.
va.                     86400   IN      NS      ns.ripe.net.
va.                     86400   IN      NS      michael.vatican.va.
va.                     86400   IN      NS      dns2.it.net.
va.                     86400   IN      NS      seth.namex.it.
va.                     86400   IN      NS      ns.urbe.it.
va.                     86400   IN      NS      osiris.namex.it.

;; Query time: 236 msec
;; SERVER: 192.168.48.227#53(192.168.48.227)
;; WHEN: Thu Sep  7 23:04:32 2006
;; MSG SIZE  rcvd: 330


~> check_soa va

ext-dns-2.cern.ch has serial number 2006073101
john.vatican.va has serial number 2006073101
ns.ripe.net has serial number 2006073101
dns2.it.net has serial number 2006073101
dns.nic.it has serial number 2006073101
michael.vatican.va has serial number 2006073101
ns.urbe.it has serial number 2006073101
osiris.namex.it has serial number 2006073101
seth.namex.it has serial number 2006073101


Maybe cache poisoning on your server or forwarder?


Kind regards
Peter and Karin


Patrick Hulman wrote:
> My mail server are unable to send mail to parts of the holy see. upon
> investigation i found the following
> 
>  # dig mx fabricsp.va
> 
> ; <<>> DiG 9.2.4 <<>> mx fabricsp.va
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29921
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> 
> ;; QUESTION SECTION:
> ;fabricsp.va.                   IN      MX
> 
> ;; Query time: 133 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Wed Sep  6 13:24:45 2006
> ;; MSG SIZE  rcvd: 2
> 
> however if i do a dig +trace i get this
> 
> # dig +trace mx fabricsp.va
> 
> ; <<>> DiG 9.2.4 <<>> +trace mx fabricsp.va
> ;; global options:  printcmd
> .                       334879  IN      NS      J.ROOT-SERVERS.NET.
> .                       334879  IN      NS      K.ROOT-SERVERS.NET.
> .                       334879  IN      NS      L.ROOT-SERVERS.NET.
> .                       334879  IN      NS      M.ROOT-SERVERS.NET.
> .                       334879  IN      NS      A.ROOT-SERVERS.NET.
> .                       334879  IN      NS      B.ROOT-SERVERS.NET.
> .                       334879  IN      NS      C.ROOT-SERVERS.NET.
> .                       334879  IN      NS      D.ROOT-SERVERS.NET.
> .                       334879  IN      NS      E.ROOT-SERVERS.NET.
> .                       334879  IN      NS      F.ROOT-SERVERS.NET.
> .                       334879  IN      NS      G.ROOT-SERVERS.NET.
> .                       334879  IN      NS      H.ROOT-SERVERS.NET.
> .                       334879  IN      NS      I.ROOT-SERVERS.NET.
> ;; Received 276 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms
> 
> va.                     172800  IN      NS      DNS.NIC.IT.
> va.                     172800  IN      NS      DNS2.IT.NET.
> va.                     172800  IN      NS      DXMON.CERN.CH.
> va.                     172800  IN      NS      MICHAEL.VATICAN.va.
> va.                     172800  IN      NS      NS.RIPE.NET.
> va.                     172800  IN      NS      JOHN.VATICAN.va.
> va.                     172800  IN      NS      NS.URBE.IT.
> va.                     172800  IN      NS      SETH.NAMEX.IT.
> va.                     172800  IN      NS      OSIRIS.NAMEX.IT.
> ;; Received 416 bytes from 192.58.128.30#53(J.ROOT-SERVERS.NET) in 256 ms
> 
> fabricsp.va.            86400   IN      MX      10 lists.vatican.va.
> fabricsp.va.            86400   IN      MX      20 paul.vatican.va.
> fabricsp.va.            86400   IN      MX      50 proxy2.urbe.it.
> fabricsp.va.            86400   IN      MX      90 john.vatican.va.
> va.                     86400   IN      NS      john.vatican.va.
> va.                     86400   IN      NS      seth.namex.it.
> va.                     86400   IN      NS      osiris.namex.it.
> va.                     86400   IN      NS      michael.vatican.va.
> va.                     86400   IN      NS      ext-dns-2.cern.ch.
> va.                     86400   IN      NS      ns.ripe.net.
> va.                     86400   IN      NS      ns.urbe.it.
> va.                     86400   IN      NS      dns.nic.it.
> va.                     86400   IN      NS      dns2.it.net.
> ;; Received 510 bytes from 193.205.245.5#53(DNS.NIC.IT) in 155 ms
> 
> however if i try to do a dig on vatican.va it works fine
> # dig mx vatican.va
> 
> ; <<>> DiG 9.2.4 <<>> mx vatican.va
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40639
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 4, ADDITIONAL: 5
> 
> ;; QUESTION SECTION:
> ;vatican.va.                    IN      MX
> 
> ;; ANSWER SECTION:
> vatican.va.             85762   IN      MX      10 lists.vatican.va.
> vatican.va.             85762   IN      MX      20 paul.vatican.va.
> vatican.va.             85762   IN      MX      50 proxy2.urbe.it.
> 
> ;; AUTHORITY SECTION:
> vatican.va.             85749   IN      NS      john.vatican.va.
> vatican.va.             85749   IN      NS      michael.vatican.va.
> vatican.va.             85749   IN      NS      dns2.it.net.
> vatican.va.             85749   IN      NS      dns3.nic.it.
> 
> ;; ADDITIONAL SECTION:
> lists.vatican.va.       85762   IN      A       212.77.6.62
> paul.vatican.va.        85762   IN      A       212.77.0.113
> proxy2.urbe.it.         75562   IN      A       193.43.128.7
> dns2.it.net.            10433   IN      A       151.1.2.1
> john.vatican.va.        85749   IN      A       212.77.0.110
> 
> ;; Query time: 0 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Wed Sep  6 13:28:37 2006
> ;; MSG SIZE  rcvd: 270
> 
> i thought i was being blocked by ip but i'm able to lookup the vatican.va
> but not other domain.
> 
> does anyone have an idea why i'm getting this result.
> 
> patrick
> 


-- 
Peter and Karin Dambier
Cesidian Root - Radice Cesidiana
Graeffstrasse 14
D-64646 Heppenheim
+49(6252)671-788 (Telekom)
+49(179)108-3978 (O2 Genion)
+49(6252)750-308 (VoIP: sipgate.de)
mail: peter at peter-dambier.de
mail: peter at echnaton.serveftp.com
http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/



More information about the bind-users mailing list