Re: trouble resolving names in GOV.
This is a discussion on Re: trouble resolving names in GOV. within the Bind Users forums, part of the DNS and Related Forums category; Bennett, Steve wrote: >We have two servers running BIND - one is running v9.2.1, the other is >...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-01-2005
|
|||
|
|||
Re: trouble resolving names in GOV.
Bennett, Steve wrote:
>We have two servers running BIND - one is running v9.2.1, the other is >running v9.3.0. We're seeing problems resolving names in the GOV tld on >the v9.3.0 server, and I can't see if this a problem in BIND v9.3.0 or >something wrong in the GOV. domain, or (most likely) something daft that >I've done. It looks as though the v9.3.0 nameserver is unable to resolve >anything in "GOV." > >I do see differences in response if I use "dig" to try and find >nameservers in GOV compared to nameservers in other TLDs, for example, >compare looking up the namservers for "microsoft.com." and "nih.gov.": > > 1a) find the nameservers for "com." > $dig ns com. > > ; <<>> DiG 9.3.0 <<>> ns com. > ;; global options: printcmd > com. 172800 IN NS k.gtld-servers.net. > com. 172800 IN NS e.gtld-servers.net. > com. 172800 IN NS m.gtld-servers.net. > com. 172800 IN NS a.gtld-servers.net. > com. 172800 IN NS g.gtld-servers.net. > com. 172800 IN NS h.gtld-servers.net. > com. 172800 IN NS c.gtld-servers.net. > com. 172800 IN NS i.gtld-servers.net. > com. 172800 IN NS b.gtld-servers.net. > com. 172800 IN NS d.gtld-servers.net. > com. 172800 IN NS l.gtld-servers.net. > com. 172800 IN NS f.gtld-servers.net. > com. 172800 IN NS j.gtld-servers.net. > > 1b) find "microsoft.com" nameservers: > $dig @a.gtld-servers.net. ns microsoft.com.=20 > > ; <<>> DiG 9.3.0 <<>> @a.gtld-servers.net. ns >microsoft.com. > ;; global options: printcmd > microsoft.com. 172800 IN NS ns1.msft.net. > microsoft.com. 172800 IN NS ns2.msft.net. > microsoft.com. 172800 IN NS ns3.msft.net. > microsoft.com. 172800 IN NS ns4.msft.net. > microsoft.com. 172800 IN NS ns5.msft.net. > >This looks OK, but if I try the same for "nih.gov" (for example): > > 2a) find "gov" nameservers: > $dig ns gov. > > ; <<>> DiG 9.3.0 <<>> ns gov. > ;; global options: printcmd > gov. 172800 IN NS c.gov.zoneedit.com. > gov. 172800 IN NS b.gov.zoneedit.com. > gov. 172800 IN NS a.gov.zoneedit.com. > gov. 172800 IN NS g.gov.zoneedit.com. > gov. 172800 IN NS f.gov.zoneedit.com. > gov. 172800 IN NS e.gov.zoneedit.com. > gov. 172800 IN NS d.gov.zoneedit.com. > > 2b) find "nih.gov" nameservers: > $dig @a.gov.zoneedit.com. ns nih.gov. > > ; <<>> DiG 9.3.0 <<>> @a.gov.zoneedit.com. ns nih.gov. > ;; global options: printcmd > >Shouldn't 2b return the list of nameservers for the domain "nih.gov"? If >not, why not? > I assume, since you truncated the output, that you got some sort of timeout for the 2b query. What happens if you try some of the other nameservers for .gov? Do they all timeout? If so, look at your networking/firewall configuration. That query comes back just fine for me: % dig @a.gov.zoneedit.com ns nih.gov ; <<>> DiG 9.2.2rc1 <<>> @a.gov.zoneedit.com ns nih.gov ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64671 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 3, ADDITIONAL: 3 ;; QUESTION SECTION: ;nih.gov. IN NS ;; AUTHORITY SECTION: nih.gov. 10800 IN NS LHC.NLM.nih.gov. nih.gov. 10800 IN NS NS.nih.gov. nih.gov. 10800 IN NS NS2.nih.gov. ;; ADDITIONAL SECTION: LHC.NLM.nih.gov. 10800 IN A 130.14.35.128 NS.nih.gov. 10800 IN A 128.231.128.251 NS2.nih.gov. 10800 IN A 128.231.64.1 ;; Query time: 75 msec ;; SERVER: 216.55.155.29#53(a.gov.zoneedit.com) ;; WHEN: Mon Jan 31 20:31:38 2005 ;; MSG SIZE rcvd: 130 % - Kevin 
|
Linear Mode
