Hello nanog, Hopefully someone will have some input here on this DNS problem and why it is happening. I have just uncovered what seems to be a misconfiguration in an SOA record. This causes the domain to be unable to be resolved via a few of my DNS servers. It seems to work everywhere else I check it just fine, except for these two DNS servers. One of these DNS servers is Win 2003 and the other is the standard latest RHEL6 bind 9.8.2.blah-blah so I don't think it would be a bug that affects both. They are both behind a NAT Firewall gateway which could also be causing problems by inspecting DNS traffic... Below is the SOA record in question for the site that cannot be resolved by our name servers. Particluarly the "." in place of the authoritative server which seems to be a mis-config and I am not sure the reason for it. # dig soa rapportive.com ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.4 <<>> @172.20.20.254 soarapportive.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33703 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;rapportive.com. IN SOA ;; ANSWER SECTION:rapportive.com. 3600 IN SOA . hostmaster.rapportive.com. 2013041614 3600 3600 3600 3600 ;; Query time: 54 msec ;; SERVER: 172.20.20.254#53(172.20.20.254) ;; WHEN: Tue Oct 15 16:49:57 2013 ;; MSG SIZE rcvd: 78 Thanks for any help, I would be grateful for any suggestions at all... Perhaps someone does the same thing with their SOA records? DV
In message <CAEiuvJAWWR=47rq14x1cGpQUCHhmjGoD4QqCHrv_a+auhHpL6w@mail.gmail.com> , DV writes:
Hello nanog,
Hopefully someone will have some input here on this DNS problem and why it is happening. I have just uncovered what seems to be a misconfiguration in an SOA record. This causes the domain to be unable to be resolved via a few of my DNS servers. It seems to work everywhere else I check it just fine, except for these two DNS servers.
One of these DNS servers is Win 2003 and the other is the standard latest RHEL6 bind 9.8.2.blah-blah so I don't think it would be a bug that affects both. They are both behind a NAT Firewall gateway which could also be causing problems by inspecting DNS traffic...
It's the NAT. named doesn't care about the MNAME. Mark
Below is the SOA record in question for the site that cannot be resolved by our name servers. Particluarly the "." in place of the authoritative server which seems to be a mis-config and I am not sure the reason for it.
# dig soa rapportive.com
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.4 <<>> @172.20.20.254 soarapportive.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33703 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION: ;rapportive.com. IN SOA
;; ANSWER SECTION:rapportive.com. 3600 IN SOA . hostmaster.rapportive.com. 2013041614 3600 3600 3600 3600
;; Query time: 54 msec ;; SERVER: 172.20.20.254#53(172.20.20.254) ;; WHEN: Tue Oct 15 16:49:57 2013 ;; MSG SIZE rcvd: 78
Thanks for any help, I would be grateful for any suggestions at all... Perhaps someone does the same thing with their SOA records?
DV -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
participants (2)
-
DV
-
Mark Andrews