Date: Mon, 16 Jul 2001 19:57:57 -0500 (CDT) From: Mike Silbersack <silby@silby.com> To: Matt Dillon <dillon@earth.backplane.com> Cc: Len Conrad <LConrad@Go2France.com>, <freebsd-hackers@FreeBSD.ORG> Subject: Re: Weird named problem - IN A for nameservers being lost! Message-ID: <20010716195409.U74787-100000@achilles.silby.com> In-Reply-To: <200107170045.f6H0j8N33016@earth.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 16 Jul 2001, Matt Dillon wrote: > I've been trying to track down a weird problem with our mail system > suddenly believing that a host does not exist, or timing out in DNS. > > I tracked it down to the DNS server, but I am not entirely sure what is > going on. What appears to be happening is that the glue IN A record > for the NS server for a domain is getting lost, and the NS record is > remaining. When named gets into this state, it doesn't seem to be able > to recover... it sees the NS record but it can't resolve it because > the glue record is gone, and it doesn't try to get it after that. This looks like a problem brought up on the djbdns mailing list a long while ago. When the NS records listed with the roots and the NS records returned by the NSes don't match (or share any NSes whatsoever, for that matter), BIND breaks as you've described. The resolution, as I recall, was "don't do that!" Bind 9 might handle the case correctly, as might djbdns. In any case, the admins of jamcracker.com should be synchronizing their NS listings. Here's how it is now: > dig jamcracker.com NS ; <<>> DiG 8.3 <<>> jamcracker.com NS ;; res options: init recurs defnam dnsrch ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2 ;; QUERY SECTION: ;; jamcracker.com, type = NS, class = IN ;; ANSWER SECTION: jamcracker.com. 2D IN NS SCA03.SEC.DNS.EXODUS.NET. jamcracker.com. 2D IN NS SCA02.SEC.DNS.EXODUS.NET. > dig jamcracker.com NS @sca03.sec.dns.exodus.net ; <<>> DiG 8.3 <<>> jamcracker.com NS @sca03.sec.dns.exodus.net ; (1 server found) ;; res options: init recurs defnam dnsrch ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; QUERY SECTION: ;; jamcracker.com, type = NS, class = IN ;; ANSWER SECTION: jamcracker.com. 1H IN NS fuji.jamcracker.com. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010716195409.U74787-100000>