Name Resolution issue with one domain

babu dheen babudheen at yahoo.co.in
Tue Mar 20 08:15:18 UTC 2012


Dear Michael,
 
 If its related remote domain NS issue, i shouldn't be able to resolve the domain from anywhere continously. But i am able to resolve it from internet without any issue. Problem is with only from our company BIND DNS server only.
 
Below is the BIND GW Logs:
 
client 10.1.1.3#63581: view localhost_resolver: query: www.dubaiairport.com IN A +E
client 10.1.1.3#63836: view localhost_resolver: query: www.dubaiairport.com IN A +
client 10.1.1.3#62249: view localhost_resolver: query: www.dubaiairport.com IN A +E
client 10.1.1.3#64215: view localhost_resolver: query: www.dubaiairport.com IN AAAA +

Below is the sniffer logs:
 
3.351081 10.0.0.1  --> 213.42.52.75 DNS Standard Query A www.dubaiairport.com
10.761810 10.0.0.2 --> 213.42.75.79 DNS Standard Query A www.dubaiairport.com
 
Above sniffer logs clearly shows that we are not getting response packet from www.dubaiairport.com NS.
 
Regards
Papdheen M
 

________________________________
 From: Michael Sinatra <michael at rancid.berkeley.edu>
To: babu dheen <babudheen at yahoo.co.in> 
Cc: Bind Users Mailing List <bind-users at lists.isc.org> 
Sent: Monday, 19 March 2012 11:43 PM
Subject: Re: Name Resolution issue with one domain
  
On 03/19/12 13:28, babu dheen wrote:
> Dear Support,
> I am trying to resolve www.dubaiairport.com
> <http://www.dubaiairport.com> from my GW BIND server as below. But not
> getting any output
> $ dig A www.dubaiairport.com <http://www.dubaiairport.com>
> ; <<>> DiG 9.3.4-P1 <<>> A www.dubaiairport.com
> <http://www.dubaiairport.com>
> ;; global options: printcmd
> ;; connection timed out; no servers could be reached
> Whereas, when i try through dubaiairport.com NS, i am getting the
> response as below. What could be the problem. Any idea?
> $ dig @213.42.52.79 A www.dubaiairport.com <http://www.dubaiairport.com>
> ; <<>> DiG 9.3.4-P1 <<>> @213.42.52.79 A www.dubaiairport.com
> <http://www.dubaiairport.com>
> ; (1 server found)
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48514
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> ;; QUESTION SECTION:
> ;www.dubaiairport.com. IN A
> ;; ANSWER SECTION:
> www.dubaiairport.com <http://www.dubaiairport.com>. 7200 IN A 213.42.55.169
> ;; Query time: 127 msec
> ;; SERVER: 213.42.52.79#53(213.42.52.79)
> ;; WHEN: Mon Mar 19 23:25:35 2012
> ;; MSG SIZE rcvd: 54

When you see this sort of situation, a good guess is that there is an authority mismatch and some/all of the authoritative NS records listed in the child zone are not responding.  In this case, there is an authority mismatch:

dig +trace ns dubaiairport.com

[skip root response]

dubaiairport.com.       172800  IN      NS      dcaowa01.dubaiairport.com.
dubaiairport.com.       172800  IN      NS      svr-b003.dubaiairport.com.
[RRSIG deleted]
;; Received 608 bytes from 192.12.94.30#53(192.12.94.30) in 724 ms

dubaiairport.com.       7200    IN      NS      secdns.dubaiairport.com.
dubaiairport.com.       7200    IN      NS      auhans2.ecompany.ae.
dubaiairport.com.       7200    IN      NS      dxbans2.ecompany.ae.
dubaiairport.com.       7200    IN      NS      dxbans1.ecompany.ae.
dubaiairport.com.       7200    IN      NS      dcaowa01.dubaiairport.com.
dubaiairport.com.       7200    IN      NS      auhans1.ecompany.ae.
dubaiairport.com.       7200    IN      NS      svr-b003.dubaiairport.com.
;; Received 323 bytes from 213.42.52.79#53(213.42.52.79) in 279 ms

One of the above DNS servers, secdns.dubaiairport.com, isn't responding for me.  Sometimes that's enough to cause intermittent timeouts for dig.

dig +nssearch dubaiairport.com
SOA dcaowa01.dca.com. administrator.dubaiairport.com. 2005061961 900 600 86400 7200 from server 213.42.52.79 in 278 ms.
SOA dcaowa01.dca.com. administrator.dubaiairport.com. 2005061961 900 600 86400 7200 from server 195.229.237.52 in 278 ms.
SOA dcaowa01.dca.com. administrator.dubaiairport.com. 2005061961 900 600 86400 7200 from server 194.170.1.99 in 282 ms.
SOA dcaowa01.dca.com. administrator.dubaiairport.com. 2005061961 900 600 86400 7200 from server 213.42.52.75 in 288 ms.
SOA dcaowa01.dca.com. administrator.dubaiairport.com. 2005061961 900 600 86400 7200 from server 194.170.1.6 in 289 ms.
SOA dcaowa01.dca.com. administrator.dubaiairport.com. 2005061961 900 600 86400 7200 from server 194.170.1.7 in 293 ms.
;; connection timed out; no servers could be reached [referring to secdns.dubaiairport.com]

michael
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20120320/07911c58/attachment.html>


More information about the bind-users mailing list