Can't resolve some domians

Mark Andrews Mark_Andrews at isc.org
Sun Nov 18 22:30:08 UTC 2007 

> **Dear Bind Users
> Our Recursive & Open DNS Bind 9.2.4 (Solaris 10, Linux) & Bind
> 8.2.4(Soalris 8) can't reslove the below domians
> 
> ims-oman.com
> sinjincorp.co.kr
> 
> connection timed out; no servers could be reached
> 
> but when I use dig +norec or dig +trace ims-oman.com / sinjincorp.co.kr it
> can reslove

	The servers for zones have misconfigured firewalls in front
	of them.

	ns.hostweb.co.kr doesn't accept queries from port 53.
	Similarly yns1.yahoo.com doesn't accept packets from port
	53.  Both the zones only have one working nameserver (as
	listed in the parent zone).  Both zones have bad delegations
	(NS list in parents doesn't match that of child).

	It uses to be that people blocked DNS queries from any port
	but port 53.  Now we are getting the reverse.  Both are
	equally wrong.

	Mark

drugs# dig -b 0.0.0.0#53 ns sinjincorp.co.kr @ns.hostweb.co.kr

; <<>> DiG 9.3.4-P1 <<>> -b 0.0.0.0#53 ns sinjincorp.co.kr @ns.hostweb.co.kr
; (1 server found)
;; global options:  printcmd
;; connection timed out; no servers could be reached
drugs# dig ns sinjincorp.co.kr @ns.hostweb.co.kr

; <<>> DiG 9.3.4-P1 <<>> ns sinjincorp.co.kr @ns.hostweb.co.kr
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3780
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:
;sinjincorp.co.kr.              IN      NS

;; ANSWER SECTION:
sinjincorp.co.kr.       86400   IN      NS      ns.hostweb.co.kr.

;; ADDITIONAL SECTION:
ns.hostweb.co.kr.       86400   IN      A       210.109.103.150

;; Query time: 335 msec
;; SERVER: 210.109.103.150#53(210.109.103.150)
;; WHEN: Mon Nov 19 09:20:03 2007
;; MSG SIZE  rcvd: 75

drugs# 

drugs# dig -b 0.0.0.0#53 ns ims-oman.com @yns1.yahoo.com 

; <<>> DiG 9.3.4-P1 <<>> -b 0.0.0.0#53 ns ims-oman.com @yns1.yahoo.com
; (1 server found)
;; global options:  printcmd
;; connection timed out; no servers could be reached
drugs# dig ns ims-oman.com @yns1.yahoo.com

; <<>> DiG 9.3.4-P1 <<>> ns ims-oman.com @yns1.yahoo.com
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42280
;; flags: qr aa rd; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 4

;; QUESTION SECTION:
;ims-oman.com.                  IN      NS

;; ANSWER SECTION:
ims-oman.com.           86400   IN      NS      ns8.san.yahoo.com.
ims-oman.com.           86400   IN      NS      ns9.san.yahoo.com.
ims-oman.com.           86400   IN      NS      yns1.yahoo.com.
ims-oman.com.           86400   IN      NS      yns2.yahoo.com.

;; ADDITIONAL SECTION:
ns8.san.yahoo.com.      1800    IN      A       66.218.71.205
ns9.san.yahoo.com.      1800    IN      A       216.109.116.20
yns1.yahoo.com.         1800    IN      A       66.218.71.205
yns2.yahoo.com.         1800    IN      A       216.109.116.20

;; Query time: 171 msec
;; SERVER: 66.218.71.205#53(66.218.71.205)
;; WHEN: Mon Nov 19 09:17:35 2007
;; MSG SIZE  rcvd: 178

drugs# 
 
> and when I check other DNS such as OpenDNS (208.67.222.222) it can
> be resloved
> 
> The above domains are reachable from other countries and it is not block by
> the ISP here
> 
> How I can solve this issue?
> 
> Thanks in advance
> 
> 

> Best Regards
> Yassir
> 
> 
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the bind-users mailing list