From owner-freebsd-stable@FreeBSD.ORG Mon Apr 23 23:16:16 2007 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C353316A400 for ; Mon, 23 Apr 2007 23:16:16 +0000 (UTC) (envelope-from howard@leadmon.net) Received: from ibm.leadmon.net (ibm.leadmon.net [207.114.24.13]) by mx1.freebsd.org (Postfix) with ESMTP id 74C6713C458 for ; Mon, 23 Apr 2007 23:16:16 +0000 (UTC) (envelope-from howard@leadmon.net) Received: from HDLDesktop (hdl-desktop.leadmon.net [207.114.24.8]) (authenticated bits=0) by ibm.leadmon.net (8.13.8/8.13.8/LNSG+SCOP+NJABL+SBL+DSBL+SORBS+CBL+RHSBL) with ESMTP id l3NMePsY049992 for ; Mon, 23 Apr 2007 18:40:28 -0400 (EDT) (envelope-from howard@leadmon.net) X-DKIM: Sendmail DKIM Filter v0.5.2 ibm.leadmon.net l3NMePsY049992 DKIM-Signature: a=rsa-sha1; c=relaxed/simple; d=leadmon.net; s=default; t=1177368028; bh=wMpUx98okSEGBbWi0/kBfJ+R96Y=; h=X-DomainKeys: DomainKey-Signature:Authentication-Results:X-SenderID:From:To: Subject:Date:Organization:Message-ID:MIME-Version:Content-Type: Content-Transfer-Encoding:X-Mailer:X-MimeOLE:Thread-Index; b=XTiEOu 5f84FIQzPlOVBZhO7kcjjUs0e6VRqoDlvTPU0LAsgQnuOiNKFICSG8lOu7K6EjxPcsL HzgUL0nVSlz/wGjz8UnD2eKbEx0TwzwOwliDxJZFZ8clX3w7fmphq6agkv/Cixu1HiO 94v4G5XILc6Gv1ZLXOpa5Sxlibs6JKk= X-DomainKeys: Sendmail DomainKeys Filter v0.4.1 ibm.leadmon.net l3NMePsY049992 DomainKey-Signature: a=rsa-sha1; s=default; d=leadmon.net; c=nofws; q=dns; h=authentication-results:x-senderid:from:to:subject:date: organization:message-id:mime-version:content-type: content-transfer-encoding:x-mailer:x-mimeole:thread-index; b=k2NUUNhxv88bEoyj8r9FoXFboTq3KSHqBl/m4Ye2sWIjf3jpI/n3LT5Jzew6fNLUE eWL6pneuBC1ulvw5pzlHhDdCO3/iKxSm88FQybctZRq01FhIh+1T6II2fzNpJRodlg2 yzLSny0tlkTDGGLuWbdor7LQyJnYPl3k5mcdmrM= Authentication-Results: ibm.leadmon.net from=howard@leadmon.net; sender-id=pass; spf=pass X-SenderID: Sendmail Sender-ID Filter v0.2.14 ibm.leadmon.net l3NMePsY049992 From: "Howard Leadmon" To: Date: Mon, 23 Apr 2007 18:40:20 -0400 Organization: Leadmon Networking Message-ID: <005101c785f8$62b04010$081872cf@Leadmon.local> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook 11 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028 Thread-Index: AceF+F9MKi7ZRum+QleNdV2+zzVwFw== Subject: FreeBSD DNS Resolver Issues? X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Apr 2007 23:16:16 -0000 OK, now I am a bit stumped, so wanted to post here in hopes someone might have an idea. First off the FBSD machine in question is an x86 server running 6.2-STABLE from a supped from a few weeks ago, so is fairly current. I use said machine to handle all of my eMail and things in general seem to work great, though I have this one mystery. I we try and send mail to anyuser@wtplaw.com the mail will just set in the queue forever, until it's returned as a failure. Talking with the admins at wtplaw they are swearing their configs are correct, and it's something on our side. Looking at the mailq, I see: l3NEqolY011124 28697 Mon Apr 23 10:52 (Deferred: Name server: mail.wtplaw.com.: host name lookup fa) So as it's quick an easy I used dig and did a lookup: $ host wtplaw.com wtplaw.com has address 69.20.43.246 wtplaw.com mail is handled by 10 mail.wtplaw.com. Then on mail.wtplaw.com: $ host mail.wtplaw.com mail.wtplaw.com has address 65.111.69.228 mail.wtplaw.com has address 66.166.181.163 Host mail.wtplaw.com not found: 2(SERVFAIL) ;; connection timed out; no servers could be reached As you can see I am getting a failure, which I know will make sendmail blow a gasket over the issue. Oh and use I have the WorkAroundBrokenAAAA set in my configs. Here is where it gets interesting, and confuses me. I also have a Sun SPARC server running Solaris-10, so figured I would try the same on it. Note that both servers use the same DNS servers for resolution, plus I also tried the above specifying the actual listed nameservers for wtplaw.com and got the same results. OK, so let's try the above on my Solaris-10 server: $ host wtplaw.com wtplaw.com has address 69.20.43.246 wtplaw.com mail is handled by 10 mail.wtplaw.com. and: $ host mail.wtplaw.com mail.wtplaw.com has address 65.111.69.228 mail.wtplaw.com has address 66.166.181.163 Note I am getting no failure messages from my Solaris machine. So I even turned on -v verbose option. Here is from the FreeBSD machine: $ host -v mail.wtplaw.com Trying "mail.wtplaw.com" ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27765 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 1 ;; QUESTION SECTION: ;mail.wtplaw.com. IN A ;; ANSWER SECTION: mail.wtplaw.com. 3 IN A 65.111.69.228 mail.wtplaw.com. 3 IN A 66.166.181.163 ;; AUTHORITY SECTION: mail.wtplaw.com. 85342 IN NS lp2.wtplaw.com. mail.wtplaw.com. 85342 IN NS lp1.wtplaw.com. ;; ADDITIONAL SECTION: lp2.wtplaw.com. 85864 IN A 66.166.181.172 Received 117 bytes from 207.114.24.13#53 in 22 ms Trying "mail.wtplaw.com" Host mail.wtplaw.com not found: 2(SERVFAIL) Received 33 bytes from 207.114.24.13#53 in 80 ms Trying "mail.wtplaw.com" ;; connection timed out; no servers could be reached Note the failures. I am have to honestly say I am not totally sure what it's trying to do at the end there, maybe someone can explain that one to me. Here is the Solaris-10 machine making the same query: $ host -v mail.wtplaw.com Trying "mail.wtplaw.com" ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 549 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 1 ;; QUESTION SECTION: ;mail.wtplaw.com. IN A ;; ANSWER SECTION: mail.wtplaw.com. 3 IN A 65.111.69.228 mail.wtplaw.com. 3 IN A 66.166.181.163 ;; AUTHORITY SECTION: mail.wtplaw.com. 85225 IN NS lp1.wtplaw.com. mail.wtplaw.com. 85225 IN NS lp2.wtplaw.com. ;; ADDITIONAL SECTION: lp2.wtplaw.com. 85747 IN A 66.166.181.172 Received 117 bytes from 207.114.24.13#53 in 40 ms Again, the query seemed fine, no troubles. As stated earlier, talking to the sysadmin of the wtplaw.com site, they are swearing there is nothing wrong, they are responding to queries as they should be, and that we have a configuration problem on our end. If this is true, I'd sure love to know what it is, so I can fix it, and if not I'd love to know what to tell them is wrong with their DNS so I can get it corrected. As right now I am bouncing mail from a few clients to this user, and I can't seem to find any resolution to this issue. When I realized that Solaris seems happy with their DNS, but FBSD is not, it just made this even more of a mystery. If anyone can help shed any light on this it would sure be appreciated.. --- -Howard