Can't resolve occ.com.mx

Mónica Soto Valencia msv at ulsa.mx
Fri Sep 14 21:08:48 UTC 2007


Chris, 

This statement I put it into the named.conf, right?.... No manner the order
to put it into the file? ....And the main question the EDNS is a "type of
value" o what is it exactly?, I've found out that it appears related with
dnssec, but I don´t have implemented dnssec yet, so I am a little confused
of what it is refered to and how would help me to put the statement into the
configuration file???. If you could recommend me some literature for
understand the concepts I really appreciate it.


Thanks in advance


______________________
Mónica Soto Valencia
Comunicación y Sistemas
Universidad La Salle
52789500 xt. 1068

-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On Behalf
Of Chris Buxton
Sent: Jueves, 13 de Septiembre de 2007 02:54 p.m.
To: Mónica Soto Valencia
Cc: bind-users at isc.org
Subject: Re: Can't resolve occ.com.mx

We saw this exact same behavior at a customer site recently. The problem was
caused by the firewall, which had some kind of DNS packet inspection enabled
and didn't understand EDNS - in that case, it was affecting all queries, not
just queries for a particular domain.

Try putting a server statement into your configuration for the occ.com.mx
server, and disabling EDNS when talking to that server.
For example:

server 207.250.79.50 {
	edns no;
};

Chris Buxton
Men & Mice

On Sep 13, 2007, at 12:09 PM, Mónica Soto Valencia wrote:

> Hello, I have some problems with my dns servers when I try to resolve 
> occ.com.mx, sometimes it resolve it well and sometimes doesn't.
> When I use
> dig sometimes I got the following errors:
>
> dig  @200.10.243.45 occ.com.mx MX
> ;; Warning: ID mismatch: expected ID 23002, got 16756 ;; Warning: ID 
> mismatch: expected ID 23002, got 16756 ;; Warning: ID mismatch: 
> expected ID 23002, got 16756
>
> ; <<>> DiG 9.3.2-P1 <<>> @200.10.243.45 occ.com.mx MX ; (1 server 
> found) ;; global options:  printcmd ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 23002 ;; flags: 
> qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;occ.com.mx.                    IN      MX
>
> ;; Query time: 297 msec
> ;; SERVER: 200.10.243.45#53(200.10.243.45) ;; WHEN: Thu Sep 13 
> 13:29:37 2007 ;; MSG SIZE  rcvd: 28 dig  @200.10.243.45 occ.com.mx MX
>
> ; <<>> DiG 9.3.2-P1 <<>> @200.10.243.45 occ.com.mx MX ; (1 server 
> found) ;; global options:  printcmd ;; connection timed out; no 
> servers could be reached
>
>
> When I use dig using +trace I succesfully reach the server:
>
> dig +trace @200.10.243.45 occ.com.mx MX
>
> ; <<>> DiG 9.3.2-P1 <<>> +trace @200.10.243.45 occ.com.mx MX ; (1 
> server found) ;; global options:  printcmd
> .                       426427  IN      NS      M.ROOT-SERVERS.NET.
> .                       426427  IN      NS      A.ROOT-SERVERS.NET.
> .                       426427  IN      NS      B.ROOT-SERVERS.NET.
> .                       426427  IN      NS      C.ROOT-SERVERS.NET.
> .                       426427  IN      NS      D.ROOT-SERVERS.NET.
> .                       426427  IN      NS      E.ROOT-SERVERS.NET.
> .                       426427  IN      NS      F.ROOT-SERVERS.NET.
> .                       426427  IN      NS      G.ROOT-SERVERS.NET.
> .                       426427  IN      NS      H.ROOT-SERVERS.NET.
> .                       426427  IN      NS      I.ROOT-SERVERS.NET.
> .                       426427  IN      NS      J.ROOT-SERVERS.NET.
> .                       426427  IN      NS      K.ROOT-SERVERS.NET.
> .                       426427  IN      NS      L.ROOT-SERVERS.NET.
> ;; Received 356 bytes from 200.10.243.45#53(200.10.243.45) in 1 ms
>
> mx.                     172800  IN      NS      B.NS.mx.
> mx.                     172800  IN      NS      C.NS.mx.
> mx.                     172800  IN      NS      D.NS.mx.
> mx.                     172800  IN      NS      A.NS.mx.
> ;; Received 159 bytes from 198.41.0.4#53(A.ROOT-SERVERS.NET) in 72 ms
>
> occ.com.mx.             86400   IN      NS      ns1.occmx.com.
> ;; Received 55 bytes from 200.23.179.1#53(B.NS.mx) in 8 ms
>
> occ.com.mx.             180     IN      MX      10 mail.occ.com.mx.
> ;; Received 59 bytes from 207.250.79.50#53(ns1.occmx.com) in 85 ms
>
>
> Does anyone know what could be the problem??. I am using BIND 9.3.4-
> P1 whit
> Red Hat 4.0 Enterprise.
>
> I'll appreciate your help!!.
>
> Regards
>
> ______________________
> Mónica Soto Valencia
> Comunicación y Sistemas
> Universidad La Salle
> 52789500 xt. 1068
>
>
>







More information about the bind-users mailing list