In message <d08daa78-9f6c-40be-894d-7d388cd51...@gronkulator.com>, Rich Goodson writes:
> Hi all,
>
> I have some caching resolvers that are running BIND 9.4.3. They
> answer about 30k-ish recursive queries per second at peak hours.
>
> Every couple of weeks or so, we get calls to customer support with
> complaints that the www.capitalone.com web site is unavailable.

Complain to capitalone.com. wpex.capitalone.com is badly delegated.

The nameservers wpex.capitalone.com are delegated to are not configured to serve the zone wpex.capitalone.com, instead they are serving capitalone.com but not the version of the zone served by ns[123].capitalone.com. Additionally the servers for wpex.capitalone.com don't have the address records for the nameservers for wpex.capitalone.com.

Note the SOA record below is for capitalone.com not wpex.capitalone.com like it should be.

Mark

; <<>> DiG 9.6.0-P1 <<>> +norec ns1-cardinal.wpex.capitalone.com. @208.80.48.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60944
;; flags: qr aa; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;ns1-cardinal.wpex.capitalone.com. IN A

;; AUTHORITY SECTION:
capitalone.com. 60 IN SOA cardinal01p.capitalone.com. hostmaster.cardinal01p.capitalone.com. 17 10800 3600 604800 60

;; Query time: 231 msec
;; SERVER: 208.80.48.74#53(208.80.48.74)
;; WHEN: Wed Jan 14 13:59:20 2009
;; MSG SIZE rcvd: 109

> The CNAME for www.capitalone.com points to www.wpex.capitalone.com,
> which is served out by a different set of name servers:
> wpex.capitalone.com. 3600 IN NS ns2-mockingbird.wpex.capitalone.com.
> wpex.capitalone.com. 3600 IN NS ns1-cardinal.wpex.capitalone.com.
>
> Those name servers are, apparently, occasionally unavailable, at least
> from our network, and we end up with a negative cached record that I
> suspect lasts 48 hours.
>
> Right now, I am doing a workaround with a shell script that looks
> something like this (this is just a snippet, btw, not the full script):
>
> rndc dumpdb
> if grep capitalone.com /var/dump/named_dump.db | grep -q NXDOMAIN; then
>   # rndc flushname takes one name at a time, so flush each match in turn
>   for n in `grep capitalone.com /var/dump/named_dump.db | grep NXDOMAIN | awk '{print $1}'`; do rndc flushname "$n"; done
> fi
>
> This may not be the only host/domain that we have occasional
> difficulty with, but it's certainly the only one that has calls from
> CS that get filtered down to me. Is this something broken in our
> resolvers, or is this (as I suspect) just a really wonky and somewhat
> broken implementation on the part of capitalone.com? Is anyone else
> having difficulty with resolution of this domain?
>
> Here's a dig from one of our name servers. (The dig is from my
> workstation which has 9.4.2-P2 on it.)
>
> ; <<>> DiG 9.4.2-P2 <<>> +trace @wdmdc-dns1 www.capitalone.com
> ; (1 server found)
> ;; global options: printcmd
> . 242071 IN NS K.ROOT-SERVERS.NET.
> . 242071 IN NS H.ROOT-SERVERS.NET.
> . 242071 IN NS J.ROOT-SERVERS.NET.
> . 242071 IN NS L.ROOT-SERVERS.NET.
> . 242071 IN NS B.ROOT-SERVERS.NET.
> . 242071 IN NS D.ROOT-SERVERS.NET.
> . 242071 IN NS M.ROOT-SERVERS.NET.
> . 242071 IN NS I.ROOT-SERVERS.NET.
> . 242071 IN NS E.ROOT-SERVERS.NET.
> . 242071 IN NS F.ROOT-SERVERS.NET.
> . 242071 IN NS A.ROOT-SERVERS.NET.
> . 242071 IN NS C.ROOT-SERVERS.NET.
> . 242071 IN NS G.ROOT-SERVERS.NET.
> ;; Received 512 bytes from 12.207.232.47#53(12.207.232.47) in 17 ms
>
> com. 172800 IN NS K.GTLD-SERVERS.NET.
> com. 172800 IN NS C.GTLD-SERVERS.NET.
> com. 172800 IN NS A.GTLD-SERVERS.NET.
> com. 172800 IN NS M.GTLD-SERVERS.NET.
> com. 172800 IN NS L.GTLD-SERVERS.NET.
> com. 172800 IN NS J.GTLD-SERVERS.NET.
> com. 172800 IN NS D.GTLD-SERVERS.NET.
> com. 172800 IN NS I.GTLD-SERVERS.NET.
> com. 172800 IN NS F.GTLD-SERVERS.NET.
> com. 172800 IN NS G.GTLD-SERVERS.NET.
> com. 172800 IN NS B.GTLD-SERVERS.NET.
> com. 172800 IN NS E.GTLD-SERVERS.NET.
> com. 172800 IN NS H.GTLD-SERVERS.NET.
> ;; Received 508 bytes from 192.203.230.10#53(E.ROOT-SERVERS.NET) in 68 ms
>
> capitalone.com. 172800 IN NS ns1.capitalone.com.
> capitalone.com. 172800 IN NS ns2.capitalone.com.
> capitalone.com. 172800 IN NS ns3.capitalone.com.
> ;; Received 138 bytes from 192.52.178.30#53(K.GTLD-SERVERS.NET) in 130 ms
>
> www.capitalone.com. 120 IN CNAME www.wpex.capitalone.com.
> wpex.capitalone.com. 3600 IN NS ns2-mockingbird.wpex.capitalone.com.
> wpex.capitalone.com. 3600 IN NS ns1-cardinal.wpex.capitalone.com.
> ;; Received 148 bytes from 199.244.214.107#53(ns3.capitalone.com) in 42 ms
>
> -rich goodson
>
> _______________________________________________
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: mark_andr...@isc.org
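
The SOA check from the reply above, as an added example that is not part of the original message or of BIND: it parses the quoted `dig +norec` response and tests whether the SOA owner sits at or below the delegated zone. The function names (`labels`, `is_at_or_below`, `check_negative_answer`) are hypothetical, and the sample is the response from the message with the banner and trailer lines trimmed.

```python
import re

# Response quoted in the message above (dig +norec @208.80.48.74), banner trimmed.
DIG_OUTPUT = """\
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60944
;; flags: qr aa; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;ns1-cardinal.wpex.capitalone.com. IN A
;; AUTHORITY SECTION:
capitalone.com. 60 IN SOA cardinal01p.capitalone.com. hostmaster.cardinal01p.capitalone.com. 17 10800 3600 604800 60
"""

def labels(name):
    """Lower-cased labels of a domain name, top-level label first."""
    return [l for l in reversed(name.lower().rstrip(".").split(".")) if l]

def is_at_or_below(name, zone):
    """True if name is the zone apex or a descendant (label match, not substring)."""
    n, z = labels(name), labels(zone)
    return n[:len(z)] == z

def check_negative_answer(dig_text, delegated_zone):
    """Summarise a negative dig answer from a server delegated_zone is delegated to."""
    status = re.search(r"status: (\w+)", dig_text).group(1)
    flags = re.search(r"flags: ([a-z ]*);", dig_text).group(1).split()
    result = {"status": status, "authoritative": "aa" in flags,
              "soa_owner": None, "serves_zone": False, "negative_ttl": None}
    for line in dig_text.splitlines():
        f = line.split()
        # Fields: owner ttl IN SOA mname rname serial refresh retry expire minimum
        if len(f) == 11 and not line.startswith(";") and f[2:4] == ["IN", "SOA"]:
            result["soa_owner"] = f[0]
            # A server that really holds the zone returns the SOA of that zone
            # (or of a child zone it also serves), never the SOA of the parent.
            result["serves_zone"] = is_at_or_below(f[0], delegated_zone)
            # RFC 2308: negative answers are cached for min(SOA TTL, SOA MINIMUM).
            result["negative_ttl"] = min(int(f[1]), int(f[10]))
    return result

if __name__ == "__main__":
    print(check_negative_answer(DIG_OUTPUT, "wpex.capitalone.com."))
```
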