Re: [dns-operations] Why would a recusrive caching server not resolve a CNAME?
On Sun, Jul 6, 2014 at 3:45 PM, Mohamed Lrhazi ml...@georgetown.edu wrote: Thanks Lyle, I did not mean to say that list was defunct, quite the opposite, I felt that I was a bit spamming it with non global operational DNS issue Nah. No worries. This list traditionally has a wide range of topics. Your mail was polite and sane, and you seem interested in learning. Entirely appropriate (IMO) for this list. W Yes, I did not debug well, went for the quick fix of clearing the cache That being said, end users query for the name and the IPs, always... but then here they were only getting the CNAME... so am trying to figure out in what circumstances would that occur... Would a recursive resolver that has the CNAME in cache, but the A records expired, fail to resolve the A records, return just the CNAME? Thanks a lot, Mohamed. On Sun, Jul 6, 2014 at 3:13 PM, Lyle Giese l...@lcrcomputer.net wrote: You waited less than an hour before proclaiming the list defunct? It's Sunday in most of the world. Most of us are doing other things than sitting on this list. That said, my initial thought is that your server answered your question. Nothing more. Did you ask it for the A record for googlemail.l.google.com ? That might have told you more. Lyle Giese LCR Computer Services, Inc. On 07/06/14 13:38, Mohamed Lrhazi wrote: I am thinking this list is not appropriate for some of my questions... Could someone suggest a better one, maybe as active and rich, as this one, but more appropriate for general DNS discussions? Thanks a lot, Mohamed. On Sun, Jul 6, 2014 at 2:02 PM, Mohamed Lrhazi ml...@georgetown.edu wrote: We had a little mail outage which turned out to be caused by one of our caching DNS servers returning the bellow incomplete reply. Clearing the cache on the problematic server fixed the issue Am thinking it is now impossible for me to find the root cause in this instance... but wondering if you guys could hint at what could cause such a problem... bugs in the DNS servers involved? temporary misconfig at Google's servers? network issue? The setup is a bit convoluted: cache server -- resolver cache server -- Internet The fix was clearing at the first server. so I am guessing at some point the resolver gave the incomplete answer. Thanks a lot, Mohamed. ➜ ~ dig mail.google.com @141.161.100.201 ; DiG 9.9.5-3-Ubuntu mail.google.com @141.161.100.201 ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 20414 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;mail.google.com. IN A ;; ANSWER SECTION: mail.google.com. 10213 IN CNAME googlemail.l.google.com. ;; AUTHORITY SECTION: google.com. 96485 IN NS ns2.google.com. google.com. 96485 IN NS ns3.google.com. google.com. 96485 IN NS ns4.google.com. google.com. 96485 IN NS ns1.google.com. ;; ADDITIONAL SECTION: ns3.google.com. 108462 IN A 216.239.36.10 ns4.google.com. 108462 IN A 216.239.38.10 ns1.google.com. 108462 IN A 216.239.32.10 ns2.google.com. 108462 IN A 216.239.34.10 ;; Query time: 22 msec ;; SERVER: 141.161.100.201#53(141.161.100.201) ;; WHEN: Sun Jul 06 12:42:09 EDT 2014 ;; MSG SIZE rcvd: 207 ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
[dns-operations] Why would a recusrive caching server not resolve a CNAME?
We had a little mail outage which turned out to be caused by one of our caching DNS servers returning the bellow incomplete reply. Clearing the cache on the problematic server fixed the issue Am thinking it is now impossible for me to find the root cause in this instance... but wondering if you guys could hint at what could cause such a problem... bugs in the DNS servers involved? temporary misconfig at Google's servers? network issue? The setup is a bit convoluted: cache server -- resolver cache server -- Internet The fix was clearing at the first server. so I am guessing at some point the resolver gave the incomplete answer. Thanks a lot, Mohamed. ➜ ~ dig mail.google.com @141.161.100.201 ; DiG 9.9.5-3-Ubuntu mail.google.com @141.161.100.201 ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 20414 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;mail.google.com. IN A ;; ANSWER SECTION: mail.google.com. 10213 IN CNAME googlemail.l.google.com. ;; AUTHORITY SECTION: google.com. 96485 IN NS ns2.google.com. google.com. 96485 IN NS ns3.google.com. google.com. 96485 IN NS ns4.google.com. google.com. 96485 IN NS ns1.google.com. ;; ADDITIONAL SECTION: ns3.google.com. 108462 IN A 216.239.36.10 ns4.google.com. 108462 IN A 216.239.38.10 ns1.google.com. 108462 IN A 216.239.32.10 ns2.google.com. 108462 IN A 216.239.34.10 ;; Query time: 22 msec ;; SERVER: 141.161.100.201#53(141.161.100.201) ;; WHEN: Sun Jul 06 12:42:09 EDT 2014 ;; MSG SIZE rcvd: 207 ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] Why would a recusrive caching server not resolve a CNAME?
I am thinking this list is not appropriate for some of my questions... Could someone suggest a better one, maybe as active and rich, as this one, but more appropriate for general DNS discussions? Thanks a lot, Mohamed. On Sun, Jul 6, 2014 at 2:02 PM, Mohamed Lrhazi ml...@georgetown.edu wrote: We had a little mail outage which turned out to be caused by one of our caching DNS servers returning the bellow incomplete reply. Clearing the cache on the problematic server fixed the issue Am thinking it is now impossible for me to find the root cause in this instance... but wondering if you guys could hint at what could cause such a problem... bugs in the DNS servers involved? temporary misconfig at Google's servers? network issue? The setup is a bit convoluted: cache server -- resolver cache server -- Internet The fix was clearing at the first server. so I am guessing at some point the resolver gave the incomplete answer. Thanks a lot, Mohamed. ➜ ~ dig mail.google.com @141.161.100.201 ; DiG 9.9.5-3-Ubuntu mail.google.com @141.161.100.201 ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 20414 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;mail.google.com. IN A ;; ANSWER SECTION: mail.google.com. 10213 IN CNAME googlemail.l.google.com. ;; AUTHORITY SECTION: google.com. 96485 IN NS ns2.google.com. google.com. 96485 IN NS ns3.google.com. google.com. 96485 IN NS ns4.google.com. google.com. 96485 IN NS ns1.google.com. ;; ADDITIONAL SECTION: ns3.google.com. 108462 IN A 216.239.36.10 ns4.google.com. 108462 IN A 216.239.38.10 ns1.google.com. 108462 IN A 216.239.32.10 ns2.google.com. 108462 IN A 216.239.34.10 ;; Query time: 22 msec ;; SERVER: 141.161.100.201#53(141.161.100.201) ;; WHEN: Sun Jul 06 12:42:09 EDT 2014 ;; MSG SIZE rcvd: 207 ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] Why would a recusrive caching server not resolve a CNAME?
You waited less than an hour before proclaiming the list defunct? It's Sunday in most of the world. Most of us are doing other things than sitting on this list. That said, my initial thought is that your server answered your question. Nothing more. Did you ask it for the A record for googlemail.l.google.com ? That might have told you more. Lyle Giese LCR Computer Services, Inc. On 07/06/14 13:38, Mohamed Lrhazi wrote: I am thinking this list is not appropriate for some of my questions... Could someone suggest a better one, maybe as active and rich, as this one, but more appropriate for general DNS discussions? Thanks a lot, Mohamed. On Sun, Jul 6, 2014 at 2:02 PM, Mohamed Lrhazi ml...@georgetown.edu mailto:ml...@georgetown.edu wrote: We had a little mail outage which turned out to be caused by one of our caching DNS servers returning the bellow incomplete reply. Clearing the cache on the problematic server fixed the issue Am thinking it is now impossible for me to find the root cause in this instance... but wondering if you guys could hint at what could cause such a problem... bugs in the DNS servers involved? temporary misconfig at Google's servers? network issue? The setup is a bit convoluted: cache server -- resolver cache server -- Internet The fix was clearing at the first server. so I am guessing at some point the resolver gave the incomplete answer. Thanks a lot, Mohamed. ? ~ dig mail.google.com http://mail.google.com @141.161.100.201 http://141.161.100.201 ; DiG 9.9.5-3-Ubuntu mail.google.com http://mail.google.com @141.161.100.201 http://141.161.100.201 ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 20414 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;mail.google.com http://mail.google.com.INA ;; ANSWER SECTION: mail.google.com http://mail.google.com.10213INCNAMEgooglemail.l.google.com http://googlemail.l.google.com. ;; AUTHORITY SECTION: google.com http://google.com.96485INNSns2.google.com http://ns2.google.com. google.com http://google.com.96485INNSns3.google.com http://ns3.google.com. google.com http://google.com.96485INNSns4.google.com http://ns4.google.com. google.com http://google.com.96485INNSns1.google.com http://ns1.google.com. ;; ADDITIONAL SECTION: ns3.google.com http://ns3.google.com.108462INA216.239.36.10 tel:216.239.36.10 ns4.google.com http://ns4.google.com.108462INA216.239.38.10 tel:216.239.38.10 ns1.google.com http://ns1.google.com.108462INA216.239.32.10 tel:216.239.32.10 ns2.google.com http://ns2.google.com.108462INA216.239.34.10 tel:216.239.34.10 ;; Query time: 22 msec ;; SERVER: 141.161.100.201#53(141.161.100.201) ;; WHEN: Sun Jul 06 12:42:09 EDT 2014 ;; MSG SIZE rcvd: 207 ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] Why would a recusrive caching server not resolve a CNAME?
Thanks Lyle, I did not mean to say that list was defunct, quite the opposite, I felt that I was a bit spamming it with non global operational DNS issue Yes, I did not debug well, went for the quick fix of clearing the cache That being said, end users query for the name and the IPs, always... but then here they were only getting the CNAME... so am trying to figure out in what circumstances would that occur... Would a recursive resolver that has the CNAME in cache, but the A records expired, fail to resolve the A records, return just the CNAME? Thanks a lot, Mohamed. On Sun, Jul 6, 2014 at 3:13 PM, Lyle Giese l...@lcrcomputer.net wrote: You waited less than an hour before proclaiming the list defunct? It's Sunday in most of the world. Most of us are doing other things than sitting on this list. That said, my initial thought is that your server answered your question. Nothing more. Did you ask it for the A record for googlemail.l.google.com ? That might have told you more. Lyle Giese LCR Computer Services, Inc. On 07/06/14 13:38, Mohamed Lrhazi wrote: I am thinking this list is not appropriate for some of my questions... Could someone suggest a better one, maybe as active and rich, as this one, but more appropriate for general DNS discussions? Thanks a lot, Mohamed. On Sun, Jul 6, 2014 at 2:02 PM, Mohamed Lrhazi ml...@georgetown.edu wrote: We had a little mail outage which turned out to be caused by one of our caching DNS servers returning the bellow incomplete reply. Clearing the cache on the problematic server fixed the issue Am thinking it is now impossible for me to find the root cause in this instance... but wondering if you guys could hint at what could cause such a problem... bugs in the DNS servers involved? temporary misconfig at Google's servers? network issue? The setup is a bit convoluted: cache server -- resolver cache server -- Internet The fix was clearing at the first server. so I am guessing at some point the resolver gave the incomplete answer. Thanks a lot, Mohamed. ➜ ~ dig mail.google.com @141.161.100.201 ; DiG 9.9.5-3-Ubuntu mail.google.com @141.161.100.201 ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 20414 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;mail.google.com. IN A ;; ANSWER SECTION: mail.google.com. 10213 IN CNAME googlemail.l.google.com. ;; AUTHORITY SECTION: google.com. 96485 IN NS ns2.google.com. google.com. 96485 IN NS ns3.google.com. google.com. 96485 IN NS ns4.google.com. google.com. 96485 IN NS ns1.google.com. ;; ADDITIONAL SECTION: ns3.google.com. 108462 IN A 216.239.36.10 ns4.google.com. 108462 IN A 216.239.38.10 ns1.google.com. 108462 IN A 216.239.32.10 ns2.google.com. 108462 IN A 216.239.34.10 ;; Query time: 22 msec ;; SERVER: 141.161.100.201#53(141.161.100.201) ;; WHEN: Sun Jul 06 12:42:09 EDT 2014 ;; MSG SIZE rcvd: 207 ___ dns-operations mailing listdns-operati...@lists.dns-oarc.nethttps://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing listhttps://lists.dns-oarc.net/mailman/listinfo/dns-jobs ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
