Name resolution issue on one domain

babu dheen babudheen at yahoo.co.in
Fri Jan 13 15:09:08 UTC 2012


Dear Lyle,
 
Yes you are correct. problem with my side. I took care by removing this domain from sinkhole.
 
Regards
Babu

--- On Fri, 13/1/12, Lyle Giese <lyle at lcrcomputer.net> wrote:


From: Lyle Giese <lyle at lcrcomputer.net>
Subject: Re: Name resolution issue on one domain
To: bind-users at lists.isc.org
Cc: "babu dheen" <babudheen at yahoo.co.in>
Date: Friday, 13 January, 2012, 8:33 PM



With dig, you ARE getting a result.  Just not the result that is expected.  nslookup gives you no clues as to the issue, but this output does once you learn how to read it.  Do this:

dig @ns1.google.com soa fpdns.googlecode.com 

and compare.

I think you need to carefully review your named.conf on that server.

Dig is providing additional information that nslookup doesn't.  The SOA line is bogus and the appearance of localhost in there makes me think you have a mistake in your named.conf or someone has poisoned your cache(unlikely as this answer does not give the bad guy anything, they usually try to redirect queries to their servers and this won't).

Lyle Giese
LCR Computer Services, Inc.

On 01/12/12 23:15, babu dheen wrote: 





Yes i did for ns1, ns2, ns3 & ns4 as well. But when i do dig @127.0.0.1 i am not getting any result. Below is the output
 
Really i dont have any idea why?
 
 
$ dig @127.0.0.1 fpdns.googlecode.com
; <<>> DiG 1-RedHat-9.3.6-16.P1.el5_7.1 <<>> @127.0.0.1 fpdns.googlecode.com
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37398
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;fpdns.googlecode.com.          IN      A
;; AUTHORITY SECTION:
googlecode.com.         600     IN      SOA     localhost.googlecode.com. root.localhost. 2 10800 900 604800 86400
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Jan 13 08:12:21 2012
;; MSG SIZE  rcvd: 98

--- On Fri, 13/1/12, Lyle Giese <lyle at lcrcomputer.net> wrote:


From: Lyle Giese <lyle at lcrcomputer.net>
Subject: Re: Name resolution issue on one domain
To: 
Cc: bind-users at lists.isc.org
Date: Friday, 13 January, 2012, 1:05 AM



I am going to 'assume' that you also did a dig query against the other three google.com servers and they all answered satisfactorily.  But if you did not, you need to query ns3 & ns4, you already got good answer from ns1 and ns2

try:

dig @127.0.0.1 fpdns.googlecode.com

What program is running on 127.0.0.1 udp port 53?




On 01/12/12 12:54, babu dheen wrote: 





Dear Lyle,
 
 Below method works fine but when i give again nslookup fpdns.googlecode.com , i am not getting any response.
 
 What could be the issue?
 
Below is the complete result output
 
 
 
]$ dig +trace fpdns.googlecode.com
; <<>> DiG 1-RedHat-9.3.6-16.P1.el5_7.1 <<>> +trace fpdns.googlecode.com
;; global options:  printcmd
.                       454976  IN      NS      b.root-servers.net.
.                       454976  IN      NS      c.root-servers.net.
.                       454976  IN      NS      d.root-servers.net.
.                       454976  IN      NS      e.root-servers.net.
.                       454976  IN      NS      f.root-servers.net.
.                       454976  IN      NS      g.root-servers.net.
.                       454976  IN      NS      h.root-servers.net.
.                       454976  IN      NS      i.root-servers.net.
.                       454976  IN      NS      j.root-servers.net.
.                       454976  IN      NS      k.root-servers.net.
.                       454976  IN      NS      l.root-servers.net.
.                       454976  IN      NS      m.root-servers.net.
.                       454976  IN      NS      a.root-servers.net.
;; Received 272 bytes from 127.0.0.1#53(127.0.0.1) in 1 ms
com.                    172800  IN      NS      f.gtld-servers.net.
com.                    172800  IN      NS      g.gtld-servers.net.
com.                    172800  IN      NS      j.gtld-servers.net.
com.                    172800  IN      NS      c.gtld-servers.net.
com.                    172800  IN      NS      b.gtld-servers.net.
com.                    172800  IN      NS      m.gtld-servers.net.
com.                    172800  IN      NS      k.gtld-servers.net.
com.                    172800  IN      NS      a.gtld-servers.net.
com.                    172800  IN      NS      i.gtld-servers.net.
com.                    172800  IN      NS      h.gtld-servers.net.
com.                    172800  IN      NS      l.gtld-servers.net.
com.                    172800  IN      NS      e.gtld-servers.net.
com.                    172800  IN      NS      d.gtld-servers.net.
;; Received 498 bytes from 192.228.79.201#53(b.root-servers.net) in 262 ms
googlecode.com.         172800  IN      NS      ns2.google.com.
googlecode.com.         172800  IN      NS      ns1.google.com.
googlecode.com.         172800  IN      NS      ns3.google.com.
googlecode.com.         172800  IN      NS      ns4.google.com.
;; Received 181 bytes from 192.35.51.30#53(f.gtld-servers.net) in 217 ms
fpdns.googlecode.com.   86400   IN      CNAME   googlecode.l.google.com.
googlecode.l.google.com. 300    IN      A       173.194.67.82
;; Received 88 bytes from 216.239.34.10#53(ns2.google.com) in 130 ms

#############
$ dig @ns1.google.com fpdns.googlecode.com
; <<>> DiG 1-RedHat-9.3.6-16.P1.el5_7.1 <<>> @ns1.google.com fpdns.googlecode.com
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24193
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;fpdns.googlecode.com.          IN      A
;; ANSWER SECTION:
fpdns.googlecode.com.   86400   IN      CNAME   googlecode.l.google.com.
googlecode.l.google.com. 300    IN      A       173.194.67.82
;; Query time: 123 msec
;; SERVER: 216.239.32.10#53(216.239.32.10)
;; WHEN: Thu Jan 12 21:50:11 2012
;; MSG SIZE  rcvd: 88
#############################3
]$ nslookup
> fpdns.googlecode.com
Server:         127.0.0.1
Address:        127.0.0.1#53
** server can't find fpdns.googlecode.com: NXDOMAIN
> exit
 


--- On Thu, 12/1/12, Lyle Giese <lyle at lcrcomputer.net> wrote:


From: Lyle Giese <lyle at lcrcomputer.net>
Subject: Re: Name resolution issue on one domain
To: bind-users at lists.isc.org
Date: Thursday, 12 January, 2012, 8:15 PM



>From that machine, do a 

dig +trace fpdns.googlecode.com 

and analyze those results.

Then try 

dig @ns1.google.com fpdns.googlecode.com 

And repeat for the other authoritive name servers for that zone.

And realize that the 'issue' might be transitive, in other words here one minute, gone the next and that server cached an answer when the problem was present.

I can think of several things outside your control or your network that can cause this issue. Route to one of Google's name servers down.  Your Internet connection was full and that traffic was dropped or delayed enough to time out the query.

Lyle Giese
LCR Computer Services, Inc.

On 01/12/12 08:11, babu dheen wrote: 





Hi,
 
I can see only below line in the logs which is no more useful. Actully  i would like to find out where exactly DNS query is blocked during query process
 
 
client 127.0.0.1#46547: view localhost_resolver: query: fpdns.googlecode.com IN
A +

 
Regards
babu

--- On Thu, 12/1/12, Matus UHLAR - fantomas <uhlar at fantomas.sk> wrote:


From: Matus UHLAR - fantomas <uhlar at fantomas.sk>
Subject: Re: Name resolution issue on one domain
To: bind-users at lists.isc.org
Date: Thursday, 12 January, 2012, 4:00 PM


On 12.01.12 15:37, babu dheen wrote:
>  We have two gateway DNS server running in BIND. One DNS is using one ISP link and another DNS server is using another ISP link.

> Today i tried to resolve below URL from one DNS its not working whereas the same lookup is working fine another DNS.

> Non-authoritative answer:
> Name:    googlecode.l.google.com
> Address:  173.194.69.82
> Aliases:  fpdns.googlecode.com

> Any idea as to why one GW DNS is not giving result. Except this domain, all other domain name lookup happening on the same DNS server.

> How can i find out the exact reason?

Start with searching in logs of the second server.

-- Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Fighting for peace is like fucking for virginity...
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users


 
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

-----Inline Attachment Follows-----


_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

-----Inline Attachment Follows-----


_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20120113/ace3750e/attachment.html>


More information about the bind-users mailing list