Need a DNS expert
Andrew - Supernews
andrew at supernews.net
Mon Oct 20 17:13:30 UTC 2003
>>>>> "Geo" == Geo <georger at getinfo.net> writes:
Geo> Got something really weird going on and I need a bit of help
Geo> from someone who is really good with dns.
Geo> Domain elby.ch
Geo> seems to resolve from some DNS servers but not from others. Can
Geo> you see anything that might break dns resolution for this
Geo> domain?
Yes, you've got _way_ too many levels of referrals before any glue
records show up.
The chain looks something like this:
.ch servers return referral elby.ch -> ns{1,2}.elbyns.de with no glue.
.de servers return referral elbyns.de -> ns{1,2}.aixns.de with no glue.
.de servers return referral aixns.de -> ns0.ns0.de,ns2.ns2.de with no glue.
.de servers return referral ns0.de/ns2.de -> ns*.denoc.de with glue.
When I tried it with the squish.net dns checker (turn on "show
resolving of referrals" to see the awful details of the referral
chain) I got at least one query timeout, so the results were:
10.7% of queries will end in failure at 62.116.163.62 (ns2.ns2.de) -
failed to resolve ns2.elbyns.de due to 62.116.163.62 - failed to
resolve ns1.aixns.de due to 62.116.163.62 - query timed out
10.7% of queries will end in failure at 62.116.163.62 (ns2.ns2.de) -
failed to resolve ns1.elbyns.de due to 62.116.163.62 - failed to
resolve ns1.aixns.de due to 62.116.163.62 - query timed out
39.3% of queries will be returned by 62.116.130.76 (ns1.elbyns.de)
elby.ch. 86400 IN A 213.130.59.30
39.3% of queries will be returned by 62.116.162.15 (ns2.elbyns.de)
elby.ch. 86400 IN A 213.130.59.30
But the squish.net checker has no limit on referrals - many resolvers,
especially older BIND, will just time out chasing the referrals unless
it already has them cached.
--
Andrew, Supernews
More information about the NANOG
mailing list