On Fri, Feb 23, 2001 at 09:30:17AM +0930, Rob Adams
<[EMAIL PROTECTED]> wrote:
> I think you will find this is a common named problem, I have seen similar
> instances on a default RedHat 7.0 installation (with named update).
This may be true, but I'd like to see evidence. Most common named
problems are not actually named, but misconfigured DNS at the remote site.
People are often tempted to blame named for DNS configuration errors.
I am not a fan of BIND, and we intend to move to djbdns in the future.
This will add security and robustness, but will not fix broken remote
sites.
In my former life I did a lot of DNS consulting (and have
written various DNS tools). Many sites (dare I say most) have poorly
configured DNS, which can be picked up with the tools on www.dns.net/dnsrd
The resip.ssga.com domain mentioned by Dan appears to be broken - the two
listed nameservers return failures when asked for NS or SOA records for
that domain.
The only way to diagnose DNS errors is to do an exhaustive tree walk
to ensure all delegations are correct. It is amazing how often this shows
up inconsistencies - no delegation, inconsistent delegation or inconsistent
nameservers.
So, if there are failures:
1 What is the domain?
2 Is it properly delegated?
3 Are the delegated nameservers reachable?
4 Are the delegated nameservers responding to queries?
5 Do _ALL_ of the delegated nameservers agree on the SOA value?
6 Do the delegated nameservers return the correct information?
If you get past step 6, you may be looking at BIND problems. I haven't had
one of those since Sun's broken bind 4.1 in SunOs 4 This was fixed by
replacing Sun's bind with the current (many years newer) code.
Gordon
> Rob.
>
> ----- Original Message -----
> From: "Craig Foster" <[EMAIL PROTECTED]>
> To: "Dan Brown" <[EMAIL PROTECTED]>; "E-smith developers list"
> <[EMAIL PROTECTED]>
> Sent: Thursday, February 22, 2001 7:46 PM
> Subject: RE: [e-smith-devinfo] DNS problems?
>
>
> > I've had similar problems. But as I can't find out what's happening
> exactly,
> > I haven't sent anything to [EMAIL PROTECTED]
> >
> > It seems to be that it has problems after a certain time (no specifics
> yet).
> > One person will be able to find every site they need, and yet my client
> > machine will baulk on my ISP web page :-(
> >
> > "killall named" fixes the problem for another couple of days...
> >
> > Not elegant, but I can't find what's happening yet.
> >
> > yet.....
> >
> >
> > Craig Foster
> >
> > > -----Original Message-----
> > > From: Dan Brown [mailto:[EMAIL PROTECTED]]
> > > Sent: Thursday, 22 February 2001 11:23 AM
> > > To: E-smith developers list
> > > Subject: [e-smith-devinfo] DNS problems?
> > >
> > >
> > > I'm having trouble looking up one particular host with my
> > > e-smith box.
> > > If I tell nslookup to use my ISP's DNS servers, it finds it, but the
> > > e-smith box doesn't:
> > >
> > > [root@e-smith ssl.key]# nslookup resip.ssga.com 216.231.41.22
> > > Server: cobalt.speakeasy.org
> > > Address: 216.231.41.22
> > >
> > > Name: resip.ssga.com
> > > Address: 209.202.167.55
> > >
> > > [root@e-smith ssl.key]# nslookup resip.ssga.com
> > > Server: localhost
> > > Address: 127.0.0.1
> > >
> > > *** localhost can't find resip.ssga.com: Non-existent host/domain
> > > [root@e-smith ssl.key]#
> > >
> > > My machine is able to resolve other hosts (like www) in that domain,
> > > but not that one. Any ideas what could be wrong, or where to start
> > > looking? There's nothing logged in /var/log/messages.
> > >
> > > --
> > > Dan Brown, KE6MKS, [EMAIL PROTECTED]
> > > "Meddle not in the affairs of dragons, for you are crunchy
> > > and taste good with ketchup."
> > >
> > > --
> > > This list is archived
> > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > For additional commands, e-mail: [EMAIL PROTECTED]
> > >
> > >
> >
> >
> > --
> > This list is archived
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
>
Gordon Rowell [EMAIL PROTECTED]
http://www.e-smith.org (development) http://www.e-smith.com (corporate)
Phone: +61 (0418) 467 366 Fax: +1 (613) 564 7739
e-smith, inc. 1500-150 Metcalfe St, Ottawa, ON K2P 1P1 Canada
