Client cannot resolve communities.intel.com
kcd at chrysler.com
Tue Jul 5 20:08:11 UTC 2011
On 7/5/2011 12:28 AM, Fajar A. Nugraha wrote:
> On Tue, Jul 5, 2011 at 10:29 AM, vr<bind-user at iotk.net> wrote:
>> I am trying to visit "http://communities.intel.com" using Iceweasel on a
>> Debian desktop PC. No proxies.
>> My clients etc/resolv.conf point to my own Debian BIND 9.7.3 installed on a
>> separate server and installed from distribution packages (bind9
>> From myDesktop, NSLOOKUP fails but DIG shows a CNAME record. I see the same
>> results from the BIND server so I've included just the output from myDesktop
>> below. Also included below is my named.conf.
>> Do I have something obvious in BIND screwed up?
> Quite possibly so. And you use dig incorrectly too.
>> me at myDesktop:~$ dig communities.intel.com ns.iotk.net
> this should be
> $ dig communities.intel.com @ns.iotk.net
>> ;; ANSWER SECTION:
>> communities.intel.com. 207 IN CNAME intel-2.hs.llnwd.net.
> so it finds the cname ...
>> ;; AUTHORITY SECTION:
>> llnwd.net. 604800 IN SOA localhost. root.localhost.
>> 2008071301 604800 86400 2419200 604800
> ... but your DNS has a broken record for llnwd.net. It should be
> ;; ANSWER SECTION:
> llnwd.net. 3600 IN SOA dns11.llnwd.net. hostmaster.llnwd.net. 210 900
> 300 604800 300
Yeah, there's some nasty stuff in that nameserver's version of the
% dig llnwd.net ns +norec @22.214.171.124
; <<>> DiG 9.4.3-P3 <<>> llnwd.net ns +norec @126.96.36.199
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1589
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 2
;; QUESTION SECTION:
;llnwd.net. IN NS
;; ANSWER SECTION:
llnwd.net. 604800 IN NS localhost.
;; ADDITIONAL SECTION:
localhost. 604800 IN A 127.0.0.1
localhost. 604800 IN AAAA ::1
;; Query time: 36 msec
;; SERVER: 188.8.131.52#53(184.108.40.206)
;; WHEN: Tue Jul 5 16:02:45 2011
;; MSG SIZE rcvd: 94
Since the nameserver is responding authoritatively, the llnwd.net zone
would appear to be defined as "type master" or "type slave", despite the
fact that it was missing from the named.conf posted earlier.
More information about the bind-users