Friday, February 20, 2015

domain name system - dns external lookup servfail

I assure you I have searched far and wide for a clue to this problem! I have a DNS server running CentOS 5.5 and BIND 9.3. Most external lookups work fine, but lookups on one particular domain return SERVFAIL.





  • dig @127.0.0.1 google.com -- works fine !

  • dig @127.0.0.1 athleta.com -- works fine !

  • dig @127.0.0.1 anythingelse.com -- works fine !

  • dig @127.0.0.1 bistel.co.uk -- gives SERVFAIL error



There is no reference to co.uk in any of my DNS configuration files - I never even heard of it until this problem came to my attention.



If I start using dig at a root nameserver and "work my way down", so to speak, lookups are working fine at each step. Here I start at a root nameserver and it refers me to nameserver g.dns.kr. :




    dig @a.root-servers.net. bistel.co.kr
    . . .. . .
    ;; AUTHORITY SECTION:
    kr. 172800 IN NS g.dns.kr.
    . . .. . .
    ;; ADDITIONAL SECTION:
    g.dns.kr. 172800 IN A 202.31.190.1
    . . .. . .



Next I send my query to nameserver g.dns.kr. and it refers me to nameserver bistel.co.kr :



    > dig @g.dns.kr. bistel.co.kr
    . . .. . .
    ;; AUTHORITY SECTION:
    bistel.co.kr. 86400 IN NS ns.bistel.co.kr.
    . . .. . .
    ;; ADDITIONAL SECTION:
    ns.bistel.co.kr. 86400 IN A 1.227.57.68
    . . .. . .


Finally I send my query to ns.bistel.co.kr. and I get the address data I was seeking:



    > dig @ns.bistel.co.kr. bistel.co.kr
    . . .. . .
    ;; ANSWER SECTION:
    bistel.co.kr. 600 IN A 1.227.57.69
    bistel.co.kr. 600 IN A 1.227.57.68
    bistel.co.kr. 600 IN A 1.227.57.74
    . . .. . .


If I search for some other domain, as I mentioned in the introduction, there is success - for example :



    > dig @127.0.0.1 athleta.com
    . . .. . .
    ;; ANSWER SECTION:
    athleta.com. 1690 IN A 198.153.202.150
    . . .. . .


But for the domain bistel.co.kr, I'm out of luck:



    > dig @127.0.0.1 bistel.co.kr

    ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5 <<>> @127.0.0.1 bistel.co.kr
    ; (1 server found)
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 19191
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;bistel.co.kr. IN A

    ;; Query time: 2 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Wed Sep 17 20:21:52 2014
    ;; MSG SIZE rcvd: 30


I tried enabling logging in the following manner :



    logging {
        channel default_file {
            file "/var/log/named.log" size 10m;
            severity info;
            print-time yes;
            print-severity yes;
            print-category yes;
        };
        category default { default_file; };
    };


Then I issued "dig @127.0.0.1 athleta.com" (SUCCESS) and "dig @127.0.0.1 bistel.co.kr" (SERVFAIL). The only relevant entries in /var/log/named.log were as follows.



    > grep athleta /var/log/named.log
    17-Sep-2014 20:26:34.812 lame-servers: info: network unreachable resolving 'athleta.com/A/IN': 2610:a1:1015::1#53
    17-Sep-2014 20:26:34.826 lame-servers: info: network unreachable resolving 'athleta.com/A/IN': 2001:502:f3ff::1#53

    > grep bistel /var/log/named.log
    17-Sep-2014 20:26:38.693 lame-servers: info: network unreachable resolving 'bistel.co.kr/A/IN': 2001:503:ba3e::2:30#53
    17-Sep-2014 20:26:38.693 lame-servers: info: network unreachable resolving 'bistel.co.kr/A/IN': 2001:500:84::b#53
    17-Sep-2014 20:26:38.693 lame-servers: info: network unreachable resolving 'bistel.co.kr/A/IN': 2001:500:2::c#53
    17-Sep-2014 20:26:40.769 lame-servers: info: network unreachable resolving 'bistel.co.kr/A/IN': 2001:dc5:a::1#53



I thank you sincerely for reading my inquiry and hope you can guide me to a clue!



BR,
Janet
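
As an added example (not part of the original post), the lame-servers lines quoted above can be tallied per query name and address family; in this sample every logged failure, for both the working and the failing name, names an IPv6 server. The function names are hypothetical, and the only log format handled is the one shown in the post.

```python
import ipaddress
import re
from collections import defaultdict

# Sample input: the named.log lines quoted in the post above.
SAMPLE_LOG = """\
17-Sep-2014 20:26:34.812 lame-servers: info: network unreachable resolving 'athleta.com/A/IN': 2610:a1:1015::1#53
17-Sep-2014 20:26:34.826 lame-servers: info: network unreachable resolving 'athleta.com/A/IN': 2001:502:f3ff::1#53
17-Sep-2014 20:26:38.693 lame-servers: info: network unreachable resolving 'bistel.co.kr/A/IN': 2001:503:ba3e::2:30#53
17-Sep-2014 20:26:38.693 lame-servers: info: network unreachable resolving 'bistel.co.kr/A/IN': 2001:500:84::b#53
17-Sep-2014 20:26:38.693 lame-servers: info: network unreachable resolving 'bistel.co.kr/A/IN': 2001:500:2::c#53
17-Sep-2014 20:26:40.769 lame-servers: info: network unreachable resolving 'bistel.co.kr/A/IN': 2001:dc5:a::1#53
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+ \S+) (?P<category>[\w-]+): (?P<severity>\w+): "
    r"(?P<reason>.+?) resolving '(?P<qname>[^/']+)/(?P<qtype>[^/']+)/(?P<qclass>[^/']+)': "
    r"(?P<server>[0-9A-Fa-f:.]+)#(?P<port>\d+)$"
)

def parse_line(line):
    """Return a dict for one lame-servers line, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    try:
        rec["family"] = ipaddress.ip_address(rec["server"]).version  # 4 or 6
    except ValueError:
        return None
    return rec

def summarize(log_text):
    """Map each query name to {(reason, ip_version): count}."""
    summary = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec:
            summary[rec["qname"]][(rec["reason"], rec["family"])] += 1
    return {name: dict(counts) for name, counts in summary.items()}

def names_with_ipv4_failures(summary):
    """Query names for which at least one IPv4 server was logged as failing."""
    return sorted(n for n, c in summary.items() if any(v == 4 for _, v in c))

if __name__ == "__main__":
    for name, counts in summarize(SAMPLE_LOG).items():
        print(name, counts)
```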
