Spotty Lookups on One of Our Networks

John Miller johnmill at brandeis.edu
Wed Oct 31 18:17:44 UTC 2012


Martin, what do you see if you do a packet capture on the host where you're
running dig?  How 'bout at the border of your network?  Obviously traffic's
not making it through, but where?  Any sort of split routing paths that
might be involved?

John

On Wed, Oct 31, 2012 at 8:54 AM, Martin McCormick <martin at dc.cis.okstate.edu
> wrote:

> I described a case where one of our remote campuses can't
> resolve a number of remote domains. One example is noaa.gov. It
> also successfully resolves random remote domains without
> seemingly any rime or reason.
>
>         Here is a bad dig trace for noaa.gov
>
>
> ; <<>> DiG 9.7.7 <<>> @localhost +trace noaa.gov
> ; (2 servers found)
> ;; global options: +cmd
> .                       453464  IN      NS      b.root-servers.net.
> .                       453464  IN      NS      l.root-servers.net.
> .                       453464  IN      NS      a.root-servers.net.
> .                       453464  IN      NS      i.root-servers.net.
> .                       453464  IN      NS      j.root-servers.net.
> .                       453464  IN      NS      f.root-servers.net.
> .                       453464  IN      NS      g.root-servers.net.
> .                       453464  IN      NS      e.root-servers.net.
> .                       453464  IN      NS      h.root-servers.net.
> .                       453464  IN      NS      d.root-servers.net.
> .                       453464  IN      NS      c.root-servers.net.
> .                       453464  IN      NS      k.root-servers.net.
> .                       453464  IN      NS      m.root-servers.net.
> ;; Received 512 bytes from 127.0.0.1#53(127.0.0.1) in 320 ms
>
> gov.                    172800  IN      NS      b.gov-servers.net.
> gov.                    172800  IN      NS      a.gov-servers.net.
> ;; Received 133 bytes from 192.58.128.30#53(192.58.128.30) in 210 ms
>
> noaa.gov.               86400   IN      NS      ns-e.noaa.gov.
> noaa.gov.               86400   IN      NS      ns-mw.noaa.gov.
> noaa.gov.               86400   IN      NS      ns-nw.noaa.gov.
>
>         This trace took several minutes since no successful
> resolution was made.
>
>         Here is a good trace using our DNS.
>
>
> ; <<>> DiG 9.8.1-P1 <<>> +trace @localhost noaa.gov
> ; (2 servers found)
> ;; global options: +cmd
> .                       369104  IN      NS      d.root-servers.net.
> .                       369104  IN      NS      j.root-servers.net.
> .                       369104  IN      NS      b.root-servers.net.
> .                       369104  IN      NS      g.root-servers.net.
> .                       369104  IN      NS      i.root-servers.net.
> .                       369104  IN      NS      e.root-servers.net.
> .                       369104  IN      NS      l.root-servers.net.
> .                       369104  IN      NS      m.root-servers.net.
> .                       369104  IN      NS      h.root-servers.net.
> .                       369104  IN      NS      f.root-servers.net.
> .                       369104  IN      NS      c.root-servers.net.
> .                       369104  IN      NS      a.root-servers.net.
> .                       369104  IN      NS      k.root-servers.net.
> ;; Received 512 bytes from 127.0.0.1#53(127.0.0.1) in 497 ms
>
> gov.                    172800  IN      NS      a.gov-servers.net.
> gov.                    172800  IN      NS      b.gov-servers.net.
> ;; Received 133 bytes from 192.112.36.4#53(192.112.36.4) in 439 ms
>
> noaa.gov.               86400   IN      NS      ns-e.noaa.gov.
> noaa.gov.               86400   IN      NS      ns-mw.noaa.gov.
> noaa.gov.               86400   IN      NS      ns-nw.noaa.gov.
> ;; Received 133 bytes from 69.36.157.30#53(69.36.157.30) in 224 ms
>
> noaa.gov.               86400   IN      A       140.90.200.21
> noaa.gov.               86400   IN      A       140.172.17.21
> noaa.gov.               86400   IN      A       129.15.96.21
> noaa.gov.               86400   IN      NS      ns-e.noaa.gov.
> noaa.gov.               86400   IN      NS      ns-mw.noaa.gov.
> noaa.gov.               86400   IN      NS      ns-nw.noaa.gov.
> ;; Received 181 bytes from 140.90.33.237#53(140.90.33.237) in 37 ms
>
> Barry Margolin writes:
> > I'm not sure what you mean by that sentence about getting authoritative
> > DNSs from X when it sbould be from Y. Can you post the actual dig?
> >
> > BTW, @servername doesn't mean much when using +trace, since +trace
> > queries the servers listed in NS records, not a resolver.
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>



-- 
John Miller
Systems Engineer
Brandeis University
johnmill at brandeis.edu
(781) 736-4619
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20121031/583304b7/attachment.html>


More information about the bind-users mailing list