Client cannot resolve communities.intel.com

Kevin Darcy kcd at chrysler.com
Tue Jul 5 20:08:11 UTC 2011


On 7/5/2011 12:28 AM, Fajar A. Nugraha wrote:
> On Tue, Jul 5, 2011 at 10:29 AM, vr<bind-user at iotk.net>  wrote:
>> Hello,
>>
>> I am trying to visit "http://communities.intel.com" using Iceweasel on a
>> Debian desktop PC. No proxies.
>>
>> My clients etc/resolv.conf point to my own Debian BIND 9.7.3 installed on a
>> separate server and installed from distribution packages (bind9
>>   1:9.7.3.dfsg-1~squeeze2).
>>
>>  From myDesktop, NSLOOKUP fails but DIG shows a CNAME record. I see the same
>> results from the BIND server so I've included just the output from myDesktop
>> below. Also included below is my named.conf.
>>
>> Do I have something obvious in BIND screwed up?
> Quite possibly so. And you use dig incorrectly too.
>
>> me at myDesktop:~$ dig communities.intel.com ns.iotk.net
> this should be
>
> $ dig communities.intel.com @ns.iotk.net
>
>> ;; ANSWER SECTION:
>> communities.intel.com.  207     IN      CNAME   intel-2.hs.llnwd.net.
> so it finds the cname ...
>
>> ;; AUTHORITY SECTION:
>> llnwd.net.              604800  IN      SOA     localhost. root.localhost.
>> 2008071301 604800 86400 2419200 604800
> ... but your DNS has a broken record for llnwd.net. It should be
>
> ;; ANSWER SECTION:
> llnwd.net.		3600	IN	SOA	dns11.llnwd.net. hostmaster.llnwd.net. 210 900
> 300 604800 300
>
Yeah, there's some nasty stuff in that nameserver's version of the 
llnwd.net zone:

% dig llnwd.net ns +norec @99.30.25.1

; <<>> DiG 9.4.3-P3 <<>> llnwd.net ns +norec @99.30.25.1
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1589
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 2

;; QUESTION SECTION:
;llnwd.net.                     IN      NS

;; ANSWER SECTION:
llnwd.net.              604800  IN      NS      localhost.

;; ADDITIONAL SECTION:
localhost.              604800  IN      A       127.0.0.1
localhost.              604800  IN      AAAA    ::1

;; Query time: 36 msec
;; SERVER: 99.30.25.1#53(99.30.25.1)
;; WHEN: Tue Jul  5 16:02:45 2011
;; MSG SIZE  rcvd: 94

Since the nameserver is responding authoritatively, the llnwd.net zone 
would appear to be defined as "type master" or "type slave", despite the 
fact that it was missing from the named.conf posted earlier.

                                                                         
                                                                         
- Kevin





More information about the bind-users mailing list