Thanks for the suggestion Grant. Here's what I get for the recursive server's capture: ( I queried from the recursive server itself from another ssh session so it is the client as well)
# tcpdump -v -v -nt -i eth0 udp port 53|grep lenovotcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 86.36.AA.BB.45776 > 86.36.AA.CC.domain: [bad udp cksum 8a1b!] 34468+ A? www.lenovo.com. (32) 86.36.AA.BB.45776 > 86.36.AA.CC.domain: [bad udp cksum 8a1b!] 34468+ A? www.lenovo.com. (32) 86.36.AA.BB.36143 > 193.108.91.79.domain: [bad udp cksum c63c!] 12966 [1au] A? www.lenovo.com. ar: . OPT UDPsize=4096 OK (43) 193.108.91.79.domain > 86.36.AA.BB.36143: [udp sum ok] 12966*- q: A? www.lenovo.com. 1/0/1 www.lenovo.com. CNAME cs47.can.lnvcdn.net. ar: . OPT UDPsize=4096 OK (76) 86.36.AA.BB.45776 > 86.36.AA.CC.domain: [bad udp cksum 8a1b!] 34468+ A? www.lenovo.com. (32) 86.36.AA.BB.10224 > 86.36.DD.EE.domain: [bad udp cksum 18c7!] 12721 [1au] A? www.lenovo.com.ourdomain.com. ar: . OPT UDPsize=4096 OK (57) 86.36.DD.EE.domain > 86.36.AA.BB.10224: [udp sum ok] 12721 NXDomain*- q: A? www.lenovo.com.ourdomain.com. 0/1/1 ns: ourdomain.com. SOA master.ourdomain.com. host-master.ourparentdomain.com. 138524105 900 450 3600000 60 ar: . OPT UDPsize=4096 OK (138) 86.36.AA.CC.domain > 86.36.AA.BB.45776: [udp sum ok] 34468 ServFail q: A? www.lenovo.com. 0/0/0 (32) 86.36.AA.BB = localhost (our recursive server) where I ran the query and capture 86.36.AA.CC = our secondary recursive server (no idea why that was contacted) 86.36.DD.EE = our one of two anycast addresses which point to the recursive servers So it looks like we do get to the CNAME (4th line) but still it fails...?I also tried a capture from a regular linux client but the output was similar except that it didn't include the CNAME line. Frankly I have no idea if this is giving any useful info. I did see that for other queries also I saw bad udp cksum messages so not sure if thats an actual problem. Do you see anything specific that might help us diagnose further? Thanks From: Grant Taylor via bind-users <bind-users@lists.isc.org> To: bind-users@lists.isc.org Sent: Friday, August 11, 2017 7:06 PM Subject: Re: DNS not resolving for a particular domain only On 08/11/2017 06:49 AM, U Zee via bind-users wrote: > Any ideas please??? I'm seeing different A records returned depending on where I query from. As such I can only speculate that something related to DNS for a CDN is not working as desired. I'd suggest a packet capture of the client's DNS traffic and possibly (if not likely) the client's recursive DNS server's traffic (related to the query.) -- Grant. . . . unix || die _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users