Strange DNS Behaviour

Eric C. Davis eric at mail.rockefeller.edu
Tue Mar 24 15:27:03 UTC 2009 

funet.fi        nameserver = ns.funet.fi
funet.fi        nameserver = ns-secondary.funet.fi
 > kemira.com
Server:  rockyd.rockefeller.edu
Address:  129.85.1.24

Non-authoritative answer:
kemira.com      nameserver = ns1.capgemini.fi
kemira.com      nameserver = ns2.capgemini.fi

Internet DNS thinks those domain names are under the authority of the 
name servers listed above.  What are you trying to accomplish?

Eric
Ashish wrote:
> Hi,
>
> Could someone kindly explain what is happening?
>
> I don't have domain name kemira.kemira.com anywhere in my primary
> database (and all secondaries, too) kemira.com = 137.33.1.2
> I have doublechecked the master database and secondaries. I have
> restarted both of them, but nothing seems to help.
>
> In funet.fi (master for fi-domain) when I start named and query
> kemira.kemira.com for the first time, it looks like this:
>
> ==========================================================
> datagram from 130.230.1.1 port 1536, fd 7, len 44
> req: nlookup(kemira.kemira.com.funet.fi) id 1 type=1
> req: found 'kemira.kemira.com.funet.fi' as 'funet.fi' (cname=0)
> findns: SOA found
> req: leaving (kemira.kemira.com.funet.fi, rcode 3)
> req: answer -> 130.230.1.1 9 (1536) id=1 Local
>
> datagram from 130.230.1.1 port 1537, fd 7, len 44
> req: nlookup(kemira.kemira.com.funet.fi) id 2 type=15
> req: found 'kemira.kemira.com.funet.fi' as 'funet.fi' (cname=0)
> findns: SOA found
> req: leaving (kemira.kemira.com.funet.fi, rcode 3)
> req: answer -> 130.230.1.1 9 (1537) id=2 Local
>
> datagram from 130.230.1.1 port 1538, fd 7, len 35
> req: nlookup(kemira.kemira.com) id 3 type=1
> req: found 'kemira.kemira.com' as 'com' (cname=0)
> findns: using cache
> findns: 7 NS's added for ''
> ns_forw()
> nslookup(nsp=xf7fff1e0,qp=x55000)
> nslookup: NS NS.NIC.DDN.MIL c1 t2 (x0)
> nslookup: 1 ns addrs
> nslookup: NS AOS.BRL.MIL c1 t2 (x0)
> nslookup: 4 ns addrs
> nslookup: NS KAVA.NISC.SRI.COM c1 t2 (x0)
> nslookup: 5 ns addrs
> nslookup: NS C.NYSER.NET c1 t2 (x0)
> nslookup: 6 ns addrs
> nslookup: NS TERP.UMD.EDU c1 t2 (x0)
> nslookup: 7 ns addrs
> nslookup: NS NS.NASA.GOV c1 t2 (x0)
> nslookup: 9 ns addrs
> nslookup: NS NIC.NORDU.NET c1 t2 (x0)
> nslookup: 10 ns addrs total
> forw: forw -> 192.33.4.12 7 (53) nsid=5 id=3 0ms retry 4 sec
>
> ....
>
> and a bit later:
>
> datagram from 192.33.4.12 port 53, fd 7, len 186
> USER response nsid=5 id=3
> stime 712944912/687743  now 712944912/887742 rtt 199
> NS #0 addr 192.33.4.12 used, rtt 199
> NS #1 128.63.4.82 rtt now 0
> NS #2 26.3.0.29 rtt now 0
> NS #3 192.5.25.82 rtt now 0
> NS #4 192.33.33.24 rtt now 0
> NS #5 128.8.10.90 rtt now 0
> NS #6 192.52.195.10 rtt now 0
> NS #7 128.102.16.10 rtt now 0
> NS #8 192.36.148.17 rtt now 0
> NS #9 192.112.36.4 rtt now 401
> resp: ancount 1, aucount 3, arcount 3
> doupdate(zone 0, savens f7ffe9d0, flags 19)
> doupdate: dname kemira.kemira.com type 1 class 1 ttl 172800
> db_update(kemira.kemira.com, 0x554b8, 0x554b8, 031, 0x44ca0)
> db_update: adding 554b8
> doupdate(zone 0, savens f7ffe9d0, flags 19)
> doupdate: dname KEMIRA.COM type 2 class 1 ttl 172800
> db_update(KEMIRA.COM, 0x55580, 0x55580, 031, 0x44ca0)
> db_update: adding 55580
> doupdate(zone 0, savens f7ffe9d0, flags 19)
> doupdate: dname KEMIRA.COM type 2 class 1 ttl 172800
> db_update(KEMIRA.COM, 0x555b8, 0x555b8, 031, 0x44ca0)
> db_update: adding 555b8
> doupdate(zone 0, savens f7ffe9d0, flags 19)
> doupdate: dname KEMIRA.COM type 2 class 1 ttl 172800
> db_update(KEMIRA.COM, 0x555f0, 0x555f0, 031, 0x44ca0)
> db_update: adding 555f0
> doupdate(zone 0, savens f7ffe9d0, flags 19)
> doupdate: dname KEMIRA.KEMIRA.COM type 1 class 1 ttl 172800
> db_update(KEMIRA.KEMIRA.COM, 0x55630, 0x55630, 031, 0x44ca0)
> db_update: new ttl 713117712, +172800
> update failed (DATAEXISTS)
> doupdate(zone 0, savens f7ffe9d0, flags 19)
> doupdate: dname HYDRA.HELSINKI.FI type 1 class 1 ttl 518400
> db_update(HYDRA.HELSINKI.FI, 0x55630, 0x55630, 031, 0x44ca0)
> 192.33.4.12 attempted update to auth zone 1 'fi'
> update failed (-10)
> doupdate(zone 0, savens f7ffe9d0, flags 19)
> doupdate: dname HKIUX9.FIN.KEMIRA.COM type 1 class 1 ttl 172800
> db_update(HKIUX9.FIN.KEMIRA.COM, 0x55630, 0x55630, 031, 0x44ca0)
> db_update: adding 55630
> resp: got as much answer as there is
> send_msg -> 130.230.1.1 (UDP 9 1538) id=3
>
> datagram from 130.230.1.1 port 1539, fd 7, len 35
> req: nlookup(kemira.kemira.com) id 4 type=15
> datagram from 130.230.1.1 port 1539, fd 7, len 35
> req: nlookup(kemira.kemira.com) id 4 type=15
> req: found 'kemira.kemira.com' as 'kemira.kemira.com' (cname=0)
> finddata: added 0 class 1 type 15 RRs
> findns: 3 NS's added for 'kemira'
> ns_forw()
> nslookup(nsp=xf7fff1e0,qp=x55000)
> nslookup: NS KEMIRA.KEMIRA.COM c1 t2 (x0)
> nslookup: 1 ns addrs
> nslookup: NS HYDRA.HELSINKI.FI c1 t2 (x0)
> nslookup: 2 ns addrs
> nslookup: NS HKIUX9.FIN.KEMIRA.COM c1 t2 (x0)
> nslookup: 3 ns addrs
> nslookup: 3 ns addrs total
> forw: forw -> 137.33.1.2 7 (53) nsid=7 id=4 0ms retry 4 sec
>
> datagram from 137.33.1.2 port 53, fd 7, len 92
> USER response nsid=7 id=4
> stime 712944912/917744  now 712944912/967742 rtt 49
> NS #0 addr 137.33.1.2 used, rtt 49
> NS #1 128.214.4.29 rtt now 0
> NS #2 137.33.1.9 rtt now 0
> resp: ancount 0, aucount 1, arcount 0
> doupdate(zone 0, savens f7ffe9d0, flags 19)
> doupdate: dname kemira.com type 6 class 1 ttl 3600
> db_update(kemira.com, 0x556f8, 0x556f8, 031, 0x44ca0)
> db_update: adding 556f8
> resp: leaving auth NO
> send_msg -> 130.230.1.1 (UDP 9 1539) id=4
>
> =====================================================
>
> Kindly advice!
>
> Many Thanks,
> Ashish
>
>
>
> Please do not print this email unless it is absolutely necessary. 
>
> The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. 
>
> WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. 
>
> www.wipro.com
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>

More information about the bind-users mailing list