+trace works on domain that gives SERVFAIL normally

Mark Andrews Mark_Andrews at isc.org
Thu Feb 8 00:52:48 UTC 2007 

> Hi,
>   We hare having a weird problems.  A domain lookup for a particilar
> domain
> Produces different results dependant on whether or not the +trace flag
> is used.
> 
> Any ideas?
> 
> [root at monet1 etc]# named -v
> BIND 9.2.4

	First thing I would do is upgrade, 9.2.4 is old and has
	lots of bugs.  If that fails then I would take a tcpdump
	and see if ypu are getting replies to the queries named is
	putting out.

	The delegation appears to be fine.

	The remote end doesn't appear to block packets from port 53.

	I'm worried a bit about your NAT box.  Some NAT's are known
	to just start dropping replies.  The tcpdump above should
	tell you if that is the problem.

	Mark
 
> See dig outputs below:
> 
> #################################################################
> # 1st dig run
> #################################################################
> [root at monet1 etc]# rndc flush
> [root at monet1 etc]# dig @10.10.10.20 heartofphilosophy.com
> 
> ; <<>> DiG 9.2.4 <<>> @10.10.10.20 heartofphilosophy.com
> ; (1 server found)
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 2935
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> 
> ;; QUESTION SECTION:
> ;heartofphilosophy.com.         IN      A
> 
> ;; Query time: 358 msec
> ;; SERVER: 10.10.10.20#53(10.10.10.20)
> ;; WHEN: Thu Feb  8 10:42:47 2007
> ;; MSG SIZE  rcvd: 39
> 
> #################################################################
> # 2nd dig run
> #################################################################
> [root at monet1 etc]# rndc flush
> [root at monet1 etc]# dig +trace @10.10.10.20 heartofphilosophy.com
> 
> ; <<>> DiG 9.2.4 <<>> +trace @10.10.10.20 heartofphilosophy.com
> ; (1 server found)
> ;; global options:  printcmd
> .                       518400  IN      NS      J.ROOT-SERVERS.NET.
> .                       518400  IN      NS      K.ROOT-SERVERS.NET.
> .                       518400  IN      NS      L.ROOT-SERVERS.NET.
> .                       518400  IN      NS      M.ROOT-SERVERS.NET.
> .                       518400  IN      NS      A.ROOT-SERVERS.NET.
> .                       518400  IN      NS      B.ROOT-SERVERS.NET.
> .                       518400  IN      NS      C.ROOT-SERVERS.NET.
> .                       518400  IN      NS      D.ROOT-SERVERS.NET.
> .                       518400  IN      NS      E.ROOT-SERVERS.NET.
> .                       518400  IN      NS      F.ROOT-SERVERS.NET.
> .                       518400  IN      NS      G.ROOT-SERVERS.NET.
> .                       518400  IN      NS      H.ROOT-SERVERS.NET.
> .                       518400  IN      NS      I.ROOT-SERVERS.NET.
> ;; Received 228 bytes from 10.10.10.20#53(10.10.10.20) in 1 ms
> 
> com.                    172800  IN      NS      A.GTLD-SERVERS.NET.
> com.                    172800  IN      NS      G.GTLD-SERVERS.NET.
> com.                    172800  IN      NS      H.GTLD-SERVERS.NET.
> com.                    172800  IN      NS      C.GTLD-SERVERS.NET.
> com.                    172800  IN      NS      I.GTLD-SERVERS.NET.
> com.                    172800  IN      NS      B.GTLD-SERVERS.NET.
> com.                    172800  IN      NS      D.GTLD-SERVERS.NET.
> com.                    172800  IN      NS      L.GTLD-SERVERS.NET.
> com.                    172800  IN      NS      F.GTLD-SERVERS.NET.
> com.                    172800  IN      NS      J.GTLD-SERVERS.NET.
> com.                    172800  IN      NS      K.GTLD-SERVERS.NET.
> com.                    172800  IN      NS      E.GTLD-SERVERS.NET.
> com.                    172800  IN      NS      M.GTLD-SERVERS.NET.
> ;; Received 511 bytes from 192.58.128.30#53(J.ROOT-SERVERS.NET) in 310
> ms
> 
> heartofphilosophy.com.  172800  IN      NS      ns1.alexsrv30.com.
> heartofphilosophy.com.  172800  IN      NS      ns2.alexsrv30.com.
> ;; Received 117 bytes from 192.5.6.30#53(A.GTLD-SERVERS.NET) in 1004 ms
> 
> heartofphilosophy.com.  14400   IN      A       75.126.34.72
> heartofphilosophy.com.  86400   IN      NS      ns1.alexsrv30.com.
> heartofphilosophy.com.  86400   IN      NS      ns2.alexsrv30.com.
> ;; Received 133 bytes from 75.126.27.219#53(ns1.alexsrv30.com) in 201 ms
> 
> 
> Adam Clark
> Network Administrator
> 
> National Gallery of Victoria
> 180 St Kilda Road Melbourne Vic 3004 Australia
> Telephone: +61 3 8620 2369 
> Fax: +61 3 8620 2565
> www.ngv.vic.gov.au
> 
> Keep informed of the latest NGV exhibitions, special events and programs at T
> he Ian Potter Centre: NGV Australia and NGV International by subscribing to N
> GV at RT, the NGV's free e-newsletter.
> 
> DISCLAIMER: This email and any files transmitted with it are confidential and
>  intended solely for bind-users at isc.org. If you are not the named addressee y
> ou should not disseminate, copy or alter this email. WARNING: Although Nation
> al Gallery of Victoria has taken reasonable precautions to ensure no viruses 
> are present in this email, the organisation cannot accept responsibility for 
> any loss or damage arising from the use of this email or attachment.
> 
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the bind-users mailing list