Odd query issue

Kevin Darcy kcd at chrysler.com
Mon Aug 2 22:29:20 UTC 2010 

1. Zone has expired (to confirm: check logs)
2. Corrupted/truncated journal file (to confirm: check logs, or, shut 
down gracefully, delete journal and start up again)
3. www.blah.com is a delegation in your slave copy of the zone, and the 
delegated nameservers are all returning SERVFAIL, are lame, give bogus 
answers, some combination of the above, etc. (to confirm: do the lookup 
non-recursively, or a zone transfer of blah.com; if www.blah.com shows 
as a delegation, query the delegated nameservers directly and see what 
they return)

                                                                         
                                                                         
                 - Kevin

On 8/2/2010 10:17 AM, Atkins, Brian (GD/VA-NSOC) wrote:
> I'm troubleshooting an issue with internal resolution of a domain. I
> have 2 identical slave servers that resolve for domains that have been
> delegated to our group. However, while one of the servers can
> successfully provide the responses, the other cannot. I've checked with
> the network gurus to verify there is not a possibility of a firewall or
> IPS rule causing the issue, but came back empty-handed.
>
> Here's the breakdown (please don't laugh at the antiques...):
>
> Sun V210's running Solaris 5.8
> BIND 9.5.1-P3
>
> ...
> zone "blah.com" {
>          type slave;
>          file "/slave/db.blah.com";
>          masters { 10.xxx.xxx.xxx; };
>          allow-transfer { none; };
>          allow-query { "all-clients"; };
> };
> ...
>
> # Query local server (one with issues) fails
> $ dig www.blah.com.
>
> ;<<>>  DiG 9.5.1-P3<<>>  www.blah.com.
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 1735
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ; www.blah.com.                   IN      A
>
> ;; Query time: 2 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Mon Aug  2 14:12:48 2010
> ;; MSG SIZE  rcvd: 29
>
> # Query master directly or twin server from problem server succeeds
> $ dig @10.xxx.xxx.xxx www.blah.com.
>
> ;<<>>  DiG 9.5.1-P3<<>>  @10.xxx.xxx.xxx www.blah.com.
> ; (1 server found)
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 341
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ; www.blah.com.                   IN      A
>
> ;; ANSWER SECTION:
> www.blah.com.            300     IN      A       10.xxx.xxx.xxx
>
> ;; Query time: 34 msec
> ;; SERVER: 10.xxx.xxx.xxx #53(10.xxx.xxx.xxx)
> ;; WHEN: Mon Aug  2 14:14:16 2010
> ;; MSG SIZE  rcvd: 45
>
> Any ideas to point me in the right direction?
>
> Thanks,
>
> Brian
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
>
>

More information about the bind-users mailing list