dns issues?

Lyle Evans mlevans at blacksburg.net
Fri Mar 3 15:33:21 PST 2006 

At 05:04 PM 03/03/2006, you wrote:

>Can anyone tell me why the resolver on my 4-STABLE box (updated 3 
>months ago), would suddenly stop being able to resolve 
>krab.centaf.af.mil?  A restart of named fixed the issue, but I'm 
>curious as to why it would stop resolving in the first place.  I've 
>googled, but haven't found anything relevant to the issue.
>
>This has caused much grief for one of my customers who's son is in 
>Iraq, and I'd like to prevent it from happening again in the future.


Troy,
         It looks like to me one of the 2 Name servers for 
krab.centaf.af.mil is misconfigured,
no A records. I would drop the appropriate admins a friendly note. If 
they don't fix it,
you could put a local host entry. The bad entry was poisoning your 
cache and at TTL expiration
Bind tries again with a 50% per cent chance (or maybe more since the 
bad DNS server is listed
first), of getting a bad entry again. They are probably other ways of 
fixing the problem also.

Regards,
Lyle Evans
Blacksburg.Net

...

centaf.af.mil.          1D IN NS        ns.centaf.af.mil.
centaf.af.mil.          1D IN NS        centaf-3253.centaf.af.mil.

;; ADDITIONAL SECTION:
ns.centaf.af.mil.       1D IN A         207.133.180.250
centaf-3253.centaf.af.mil.  1D IN A  207.133.180.243

;; Total query time: 165 msec
;; FROM: vulcan.blacksburg.net to SERVER: 132.25.88.211
;; WHEN: Fri Mar  3 18:09:43 2006
;; MSG SIZE  sent: 36  rcvd: 111

-su-2.05b# ping krab.centaf.af.mil
ping: cannot resolve krab.centaf.af.mil: No address associated with name
-su-2.05b# dig @207.133.180.250 krab.centaf.af.mil

; <<>> DiG 8.3 <<>> @207.133.180.250 krab.centaf.af.mil
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36582
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUERY SECTION:
;;      krab.centaf.af.mil, type = A, class = IN

;; AUTHORITY SECTION:
krab.centaf.af.mil.     2h58m1s IN SOA  ns1.aorcentaf.af.mil. 
root.ns1.aorcentaf.af.mil. (
                                         2005080401      ; serial
                                         8H              ; refresh
                                         1H              ; retry
                                         2W              ; expiry
                                         1D )            ; minimum


;; Total query time: 474 msec
;; FROM: vulcan.blacksburg.net to SERVER: 207.133.180.250
;; WHEN: Fri Mar  3 18:15:50 2006
;; MSG SIZE  sent: 36  rcvd: 91

-su-2.05b# dig @207.133.180.243 krab.centaf.af.mil

; <<>> DiG 8.3 <<>> @207.133.180.243 krab.centaf.af.mil
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54793
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
;; QUERY SECTION:
;;      krab.centaf.af.mil, type = A, class = IN

;; AUTHORITY SECTION:
krab.centaf.af.mil.     1D IN NS        ns2.aorcentaf.af.mil.
krab.centaf.af.mil.     1D IN NS        ns1.aorcentaf.af.mil.

;; ADDITIONAL SECTION:
ns1.aorcentaf.af.mil.   8h55m16s IN A   153.26.176.42
ns2.aorcentaf.af.mil.   11h18m33s IN A  153.24.70.42

;; Total query time: 110 msec
;; FROM: vulcan.blacksburg.net to SERVER: 207.133.180.243
;; WHEN: Fri Mar  3 18:16:36 2006
;; MSG SIZE  sent: 36  rcvd: 114

More information about the freebsd-isp mailing list