DNS resolution errors

[vampyreapocalyps]

Hi everyone,

This is weird, or not. I don’t know much about DNS so any help is greatly appreciated. My primary DNS server is returning non-authoritative answers for nslookups on external addresses.

On internal addresses, I get SERVFAIL, and then it goes to my backup DNS:

andrew-caldwells-macbook-pro:~ andrew$ nslookup mail.mnn.org
;; Got SERVFAIL reply from 192.168.1.32, trying next server
Server: 192.168.1.27
Address: 192.168.1.27#53

mail.mnn.org canonical name = od-replica.mnn.org.
Name: od-replica.mnn.org
Address: 192.168.1.27

What’s the deal? It’s worthwhile noting that this is a recent development in the past day.

TIA,
Andrew

[vampyreapocalyps]

Yes, sorry for the lack of information in my first post, the forum kept saying it was finding spam and deleting the post.

192.168.1.32 is our primary dns server and 192.168.1.27 is our backup.

named.log on 192.168.1.27 (od-replica) continually produces the error message ‘zone mnn.org/IN: refresh: unexpected rcode (SERVFAIL) from master 192.168.1.32#53 (source 0.0.0.0#0)’

these are the results of a changeip -checkhostname on 192.168.1.32 (od-master)

[code]od-master:~ admin$ sudo changeip -checkhostname
Password:

Primary address = 192.168.1.32

Current HostName = od-master.mnn.org
DNS HostName = od-master.mnn.org

The names match. There is nothing to change.[/code]

Any other information needed, just let me know.

Thanks,
Andrew

[vampyreapocalyps]

I also did a tail -f /var/log/system.log and stopped then started dns. these are the results of that:

Jan 30 12:44:51 od-master bootpd[986]: service time 0.000821 seconds
Jan 30 12:44:52 od-master bootpd[986]: DHCP REQUEST [en0]: 1,0:1c:b3:75:1a:87
Jan 30 12:44:52 od-master bootpd[986]: service time 0.000197 seconds
Jan 30 12:45:10 od-master bootpd[986]: DHCP REQUEST [en0]: 1,0:21:e9:61:f1:63 Jan 30 12:45:10 od-master bootpd[986]: dhcpd: INIT-REBOOT host 1,0:21:e9:61:f1:63 binding for 192.168.2.165 with another server
Jan 30 12:45:10 od-master bootpd[986]: service time 0.000280 seconds
Jan 30 12:45:16 od-master sudo: admin : TTY=ttyp1 ; PWD=/Users/admin ; USER=root ; COMMAND=/usr/sbin/named-checkconf /etc/named.conf
Jan 30 12:46:55 od-master bootpd[986]: DHCP REQUEST [en0]: 1,0:1d:4f:aa:d9:a1
Jan 30 12:46:55 od-master bootpd[986]: dhcpd: INIT-REBOOT host 1,0:1d:4f:aa:d9:a1 binding for 192.168.2.179 with another server
Jan 30 12:46:55 od-master bootpd[986]: service time 0.000549 seconds
Jan 30 12:47:43 od-master sudo: admin : TTY=ttyp1 ; PWD=/Users/admin ; USER=root ; COMMAND=/usr/sbin/serveradmin stop dns
Jan 30 12:47:44 od-master serveradmin: servermgr_dns: hostname and DNS entries for this server are synchronized
Jan 30 12:47:58 od-master sudo: admin : TTY=ttyp1 ; PWD=/Users/admin ; USER=root ; COMMAND=/usr/sbin/serveradmin start dns
Jan 30 12:48:05 od-master serveradmin: servermgr_dns: no name available via DNS for 192.168.1.32
Jan 30 12:48:05 od-master serveradmin: servermgr_dns: no reverse DNS entry for server, various services may not function properly
Jan 30 12:48:05 od-master named[1517]: starting BIND 9.3.5-P2 -f
Jan 30 12:48:05 od-master named[1517]: command channel listening on 127.0.0.1#54

[vampyreapocalyps]

[code]
andrew-caldwells-macbook-pro:~ andrew$ dig @192.168.1.32 http://www.apple.com

<<>> DiG 9.4.2-P2 <<>> @192.168.1.32 http://www.apple.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9270 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 9, ADDITIONAL: 4 ;; QUESTION SECTION: ;www.apple.com. IN A ;; ANSWER SECTION: http://www.apple.com. 1800 IN CNAME http://www.apple.com.akadns.net.
http://www.apple.com.akadns.net. 60 IN A 17.251.200.32

;; AUTHORITY SECTION:
akadns.net. 172741 IN NS zc.akadns.org.
akadns.net. 172741 IN NS zd.akadns.org.
akadns.net. 172741 IN NS eur1.akadns.net.
akadns.net. 172741 IN NS use3.akadns.net.
akadns.net. 172741 IN NS use4.akadns.net.
akadns.net. 172741 IN NS usw2.akadns.net.
akadns.net. 172741 IN NS asia9.akadns.net.
akadns.net. 172741 IN NS za.akadns.org.
akadns.net. 172741 IN NS zb.akadns.org.

;; ADDITIONAL SECTION:
za.akadns.org. 3541 IN A 195.219.3.169
zb.akadns.org. 3441 IN A 12.183.125.5
zc.akadns.org. 3341 IN A 124.211.40.4
zd.akadns.org. 3141 IN A 204.2.178.133

;; Query time: 2122 msec
;; SERVER: 192.168.1.32#53(192.168.1.32)
;; WHEN: Fri Jan 30 15:46:39 2009
;; MSG SIZE rcvd: 323
[/code]

So this looks like it resolved properly... Forgive my ineptitude, DNS is probably my weakest skill.

Thanks,
Andrew

[vampyreapocalyps]

I think it’s worthwhile to mention that internal addresses do not seem to resolve properly. I’ve posted the results of a dig to mail.mnn.org using both the primary and the backup DNS

[code]andrew-caldwells-macbook-pro:~ andrew$ dig @192.168.1.27 mail.mnn.org

; <<>> DiG 9.4.2-P2 <<>> @192.168.1.27 mail.mnn.org
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6770 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 1 ;; QUESTION SECTION: ;mail.mnn.org. IN A ;; ANSWER SECTION: mail.mnn.org. 3600 IN CNAME od-replica.mnn.org. od-replica.mnn.org. 3600 IN A 192.168.1.27 ;; AUTHORITY SECTION: mnn.org. 3600 IN NS od-master.mnn.org. ;; ADDITIONAL SECTION: od-master.mnn.org. 3600 IN A 192.168.1.32 ;; Query time: 1 msec ;; SERVER: 192.168.1.27#53(192.168.1.27) ;; WHEN: Fri Jan 30 15:51:27 2009 ;; MSG SIZE rcvd: 111 andrew-caldwells-macbook-pro:~ andrew$ dig mail.mnn.org ; <<>> DiG 9.4.2-P2 <<>> mail.mnn.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 56008 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;mail.mnn.org. IN A ;; Query time: 2 msec ;; SERVER: 192.168.1.32#53(192.168.1.32) ;; WHEN: Fri Jan 30 15:51:45 2[/code]

[vampyreapocalyps]

:/….

Ok the other IT guy here must have fixed it without telling me. He does that a lot. Thanks for the help…

Darn I was really hoping to learn something. Maybe I can bribe him with lunch in return for telling me what he did.

Thanks,
Andrew

[Author]

Posts