Date:      Fri, 22 Nov 2002 09:32:07 +0000
From:      Matthew Seaman <m.seaman@infracaninophile.co.uk>
To:        Jeff <jeffi@rcn.com>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: dns problem
Message-ID:  <20021122093207.GB21672@happy-idiot-talk.infracaninophi>
In-Reply-To: <20021122041534.GA71059@rcn.com>
References:  <20021122041534.GA71059@rcn.com>

On Thu, Nov 21, 2002 at 11:15:34PM -0500, Jeff wrote:
 
> I'm not sure why the only requests that go out are the AAAA requests and not
> the A's... as I mentioned before, this is the only domain that I have
> experienced this behavior on, but the test set is small enough that I don't
> want to assume it's etrade, especially since I see my server only sending
> AAAA's out.

As far as I can tell, the DNS servers for etrade.com are working fine
now.  I can see the site perfectly well myself.  They haven't got any
AAAA addresses in their zone data, but their servers are responding
correctly with NXDomain messages when queried for them.  Your web
browser should then proceed to doing an IPv4 lookup and work with
that.

The reason you aren't seeing the A queries going out of your external
firewall interface is that they've been cached on your internal
server.  The negative responses to AAAA queries aren't cached for any
great length of time, so you're a lot more likely to see your server
emitting recursive queries for them.

The problem seems to be this:

> 22:54:51.702916 192.168.25.200.41933 > 192.168.25.101.53:
>         63227+ A? www.etrade.com. (32)
> 22:54:51.702992 192.168.25.101.53 > 192.168.25.200.41933:  
>         63227 NXDomain 0/0/0 (32)

Your DNS is not returning the correct IP number in response to an A
query.  Somehow it has cached the wrong data, and it's not refreshing
it from the authoritative source.  You should see something like this
if you try looking them up with dig(1):

    % dig www.etrade.com IN A 
    
    ; <<>> DiG 8.3 <<>> www.etrade.com IN A 
    ;; res options: init recurs defnam dnsrch
    ;; got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 0
    ;; QUERY SECTION:
    ;;      www.etrade.com, type = A, class = IN
    
    ;; ANSWER SECTION:
    www.etrade.com.         15S IN A        12.153.224.22
    
    ;; AUTHORITY SECTION:
    www.etrade.com.         23h59m59s IN NS  gsched3.etrade.com.
    www.etrade.com.         23h59m59s IN NS  gsched4.etrade.com.
    www.etrade.com.         23h59m59s IN NS  gsched2.etrade.com.
    
    ;; Total query time: 214 msec
    ;; FROM: happy-idiot-talk.infracaninophile.co.uk to SERVER: default -- 127.0.0.1
    ;; WHEN: Fri Nov 22 09:28:43 2002
    ;; MSG SIZE  sent: 32  rcvd: 114


Dump the DNS cache using 'ndc dumpdb' and grep through it for
'etrade.com' to see if the entries look reasonable.  Try restarting
your DNS server so it begins again with an empty cache.

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
                                                      Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK
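
Added example, not part of the message above or of the original thread: a Python sketch that pairs queries and replies in tcpdump text output of the form quoted in the message and reports A queries that the local resolver answered with NXDomain, the symptom identified there. The function names, the regular expressions and the last four capture records are constructed for this example.

```python
import re

# Records 1-2 are the capture quoted in the message; records 3-6 are
# constructed for this example, in the same tcpdump text format.
CAPTURE = """\
22:54:51.702916 192.168.25.200.41933 > 192.168.25.101.53:
        63227+ A? www.etrade.com. (32)
22:54:51.702992 192.168.25.101.53 > 192.168.25.200.41933:
        63227 NXDomain 0/0/0 (32)
22:54:52.100000 192.168.25.200.41934 > 192.168.25.101.53:
        63228+ AAAA? www.etrade.com. (32)
22:54:52.100300 192.168.25.101.53 > 192.168.25.200.41934:
        63228 NXDomain 0/0/0 (32)
22:54:53.200000 192.168.25.200.41935 > 192.168.25.101.53:
        4821+ A? www.example.org. (33)
22:54:53.200400 192.168.25.101.53 > 192.168.25.200.41935:
        4821 1/0/0 A 192.0.2.10 (49)
"""

HEADER = re.compile(r"^(\S+) (\S+) > (\S+):\s*(.*)$")         # time, src, dst, DNS summary
QUERY = re.compile(r"^(\d+)[+*%-]*\s+([A-Z0-9]+)\?\s+(\S+)")  # id, qtype, qname
REPLY = re.compile(r"^(\d+)[*|-]*\s+(\S+)")                   # id, rcode or answer counts

def records(text):
    """Join tcpdump's wrapped output: indented lines continue the header above."""
    return re.sub(r"\n[ \t]+", " ", text).splitlines()

def nxdomain_for_a(text):
    """Return (time, resolver, qname) for each A query answered with NXDomain."""
    pending, hits = {}, []   # pending: (client, server, id) -> (qtype, qname)
    for rec in records(text):
        m = HEADER.match(rec)
        if not m:
            continue
        ts, src, dst, body = m.groups()
        q = QUERY.match(body)
        if q:
            pending[(src, dst, q.group(1))] = q.group(2, 3)
            continue
        r = REPLY.match(body)
        # A reply travels the reverse path of its query, with the same id.
        asked = pending.pop((dst, src, r.group(1)), None) if r else None
        if asked and asked[0] == "A" and r.group(2) == "NXDomain":
            hits.append((ts, src, asked[1]))
    return hits

if __name__ == "__main__":
    for hit in nxdomain_for_a(CAPTURE):
        print("A query answered NXDomain:", *hit)
```

Only the first exchange is reported: the AAAA query that also drew NXDomain and the A query that received an address are left out.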
