Hi all.
My ISP has recently made a "small change" to their own DNS server configuration. As a possible coincidence, this is about the same time as I came across a local DNS problem (who knows, it could be unrelated and linked to a WinUpdate patch about the same time)
I seem to be receiving different results when querying my local (Win2003) DNS Server, and querying the ISP's DNS Server.
I can't work out what has changed (or what is mis-configured)
1 - mail.wilmot.me.uk has a CNAME to wilmot.me.uk.mail.aaisp.net.uk
(as per [ISP Support page](http://aa.nu/kb-broadband-email.html/))
1b - wilmot.me.uk.mail.aaisp.net.uk resolves to 81.187.30.14, 81.187.30.19
2 - mail2.wilmot.me.uk (quick workaround added earlier)
CNAME to mail.aaisp.net.uk
Resolves to 81.187.30.14, 81.187.30.19
The problem is:
Against the local server (10.0.0.2) ... (A Win2003 box)
- When I lookup mail.wilmot.me.uk , I get an NXDOMAIN.
- When I lookup mail2.wilmot.me.uk , I get the IP address(es) expected.
However, if I switch to the ISP's resolver (217.169.20.20)
- When I lookup mail.wilmot.me.uk , I get the IP address(es) expected.
- When I lookup mail2.wilmot.me.uk , I get the IP address(es) expected.
So, why is the local DNS server treating mail and mail2 differently, and yet the ISP's server is respondig as expected
Results (filtered below) .. Edited after original copy/paste errors
From 10.0.0.2
C:\>nslookup -debug mail.wilmot.me.uk. 10.0.0.2
-----------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NXDOMAIN
header flags: response, auth. answer
questions = 1, answers = 1, authority records = 1, additional = 0
QUESTIONS:
mail.wilmot.me.uk, type = A, class = IN
ANSWERS:
-> mail.wilmot.me.uk
canonical name = wilmot.me.uk.mail.aaisp.net.uk
ttl = 3600 (1 hour)
AUTHORITY RECORDS:
-> mail.aaisp.net.uk
ttl = 600 (10 mins)
primary name server = auth.primary-dns.co.uk
responsible mail addr = a.k.gg
serial = 2010021105
refresh = 10800 (3 hours)
retry = 3600 (1 hour)
expire = 1209600 (14 days)
default TTL = 600 (10 mins)
------------
*** box2.data-utilities.co.uk can't find mail.wilmot.me.uk.: Non-existent domain
and: (mail2.wilmot.me.uk)
C:\>nslookup -debug mail2.wilmot.me.uk. 10.0.0.2
------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 3, authority records = 0, additional = 0
QUESTIONS:
mail2.wilmot.me.uk, type = A, class = IN
ANSWERS:
-> mail2.wilmot.me.uk
canonical name = c.mail.aaisp.net.uk
ttl = 3600 (1 hour)
-> c.mail.aaisp.net.uk
internet address = 81.187.30.14
ttl = 656 (10 mins 56 secs)
-> c.mail.aaisp.net.uk
internet address = 81.187.30.19
ttl = 656 (10 mins 56 secs)
------------
Non-authoritative answer:
Name: c.mail.aaisp.net.uk
Addresses: 81.187.30.14, 81.187.30.19
Aliases: mail2.wilmot.me.uk
However, when going direct to the ISP's server, the results appear OK
C:\>nslookup -debug mail.wilmot.me.uk. 217.169.20.20
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 3, authority records = 1, additional = 0
QUESTIONS:
mail.wilmot.me.uk, type = A, class = IN
ANSWERS:
-> mail.wilmot.me.uk
canonical name = wilmot.me.uk.mail.aaisp.net.uk
ttl = 3600 (1 hour)
-> wilmot.me.uk.mail.aaisp.net.uk
internet address = 81.187.30.14
ttl = 3600 (1 hour)
-> wilmot.me.uk.mail.aaisp.net.uk
internet address = 81.187.30.19
ttl = 3600 (1 hour)
AUTHORITY RECORDS:
-> mail.aaisp.net.uk
ttl = 3600 (1 hour)
primary name server = auth.primary-dns.co.uk
responsible mail addr = support.aaisp.net.uk
serial = 1266576116
refresh = 10800 (3 hours)
retry = 3600 (1 hour)
expire = 1209600 (14 days)
default TTL = 600 (10 mins)
------------
Non-authoritative answer:
Name: wilmot.me.uk.mail.aaisp.net.uk
Addresses: 81.187.30.14, 81.187.30.19
Aliases: mail.wilmot.me.uk
and mail2.wilmot.me.uk also works.
C:\>nslookup -debug mail2.wilmot.me.uk. 217.169.20.20
------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 3, authority records = 2, additional = 0
QUESTIONS:
mail2.wilmot.me.uk, type = A, class = IN
ANSWERS:
-> mail2.wilmot.me.uk
canonical name = C.mail.aaisp.net.uk
ttl = 3600 (1 hour)
-> C.mail.aaisp.net.uk
internet address = 81.187.30.19
ttl = 614 (10 mins 14 secs)
-> C.mail.aaisp.net.uk
internet address = 81.187.30.14
ttl = 614 (10 mins 14 secs)
AUTHORITY RECORDS:
-> mail.aaisp.net.uk
nameserver = auth.primary-dns.co.uk
ttl = 614 (10 mins 14 secs)
-> mail.aaisp.net.uk
nameserver = auth.secondary-dns.co.uk
ttl = 614 (10 mins 14 secs)
------------
Non-authoritative answer:
Name: C.mail.aaisp.net.uk
Addresses: 81.187.30.19, 81.187.30.14
Aliases: mail2.wilmot.me.uk
--
Very grateful to any insight into the differences.
I know that I COULD just stick with the workaround, but would rather know the CAUSE of the problem, rather than just how to "make it go away"
Thanks
-
There seem to be some kind of an oddity in your
nslookup -d2 mail2.wilmot.me.uk. 10.0.0.2
, because it says the question is :mail.wilmot.me.uk, type = A, class = IN
. So, I'll base my answer as if you asked formail
and notmail2
.The first one, says
NOERROR
, it also says :response, want recursion, recursion avail
, which means you asked for something, with recursion, and there is recursion, so, it's giving you theCNAME
and theA
record theCNAME
points to, which it may not have known, but it's doing recursion.The second says
NXDOMAIN
, it also says :response, auth. answer
, which means you asked something, but it's not doing any recursion. You asked for aA
record, (see the QUESTION section) it only knows that the answer is aCNAME
, but it does not have theA
record of that particularCNAME
, what the NXDOMAIN means is "I don't have aA
answer for you" because it's what you asked for, it does give you theCNAME
though, so that you can finish the recursion.mat : After rereading it, it may, or may not be that a clear answer, I'll try to rephrase parts of it if you don't get what I mean :-)Steven_W : Thanks for reply - I can see what you're getting at (and also re-reading my original post can see that my question is not that clear.. Just about to edit the question to include (and tidy up) a bit more detail.From mat -
Having been spending more time digging into this, I've found more results (which I've posted below in case it is helpful to someone else looking on this site)
I had been using 217.169.20.20 for queries
This would seem to be the ISP's internally-visible resolvers (intended for broadband customers)However, if I look up the domain "wilmot.me.uk.", the nameservers are actually
primary-dns.co.uk internet address = 81.187.30.41 secondary-dns.co.uk internet address = 81.187.81.32
I'm in the middle of sorting out the issue with the ISP's tech-support, but it looks as though the "Win2003 Server" is likely to be a complete red herring, and that this is a (hopefully) simpler issue between the ISP's internal and external resolvers.
From Steven_W -
Your nameservers for wilmot.me.uk are listed at Nominet as being
primary-dns.co.uk
andsecondary-dns.co.uk
:> set type=NS > wilmot.me.uk Server: hi-dc1.hadleygroup.co.uk Address: 10.1.0.16 Non-authoritative answer: wilmot.me.uk nameserver = primary-dns.co.uk wilmot.me.uk nameserver = secondary-dns.co.uk
A search of those servers for mail.wilmot.me.uk yields NXDOMAIN:
> server primary-dns.co.uk Default Server: primary-dns.co.uk Address: 81.187.30.41 > set type=A > mail.wilmot.me.uk Server: primary-dns.co.uk Address: 81.187.30.41 *** primary-dns.co.uk can't find mail.wilmot.me.uk: Non-existent domain > server secondary-dns.co.uk Default Server: secondary-dns.co.uk Address: 81.187.81.32 > set type=A > mail.wilmot.me.uk Server: secondary-dns.co.uk Address: 81.187.81.32 *** secondary-dns.co.uk can't find mail.wilmot.me.uk: Non-existent domain
But they can find mail2.wilmot.me.uk:
> server primary-dns.co.uk Default Server: primary-dns.co.uk Address: 81.187.30.41 > set type=A > mail2.wilmot.me.uk Server: primary-dns.co.uk Address: 81.187.30.41 Name: C.mail.aaisp.net.uk Addresses: 81.187.30.14, 81.187.30.19 Aliases: mail2.wilmot.me.uk > server secondary-dns.co.uk Default Server: secondary-dns.co.uk Address: 81.187.81.32 > set type=A > mail2.wilmot.me.uk Server: secondary-dns.co.uk Address: 81.187.81.32 Name: C.mail.aaisp.net.uk Addresses: 81.187.30.14, 81.187.30.19 Aliases: mail2.wilmot.me.uk
It looks as if during their "update" they've wiped out one of your records. It's possible that the resolver you're using (217...) has got your record cached from before it was removed.
Steven_W : Thank you - That seems to match my own thoughts and results, but it also helps to confirm that I'm not doing something stupid... Am waiting for the ISP to respond now.From Andy Shellam -
Final answer seems to be related to the details of the CNAME itself
mail.wilmot.me.ux resolves to wilmot.me.uk.mail.aaisp.net.uk., but this isn't currently returning NS records.
C:\BIND>dig wilmot.me.uk.mail.aaisp.net.uk. +nocomments ; <<>> DiG 9.5.0-P2 <<>> wilmot.me.uk.mail.aaisp.net.uk. +nocomments ;; global options: printcmd ;wilmot.me.uk.mail.aaisp.net.uk. IN A wilmot.me.uk.mail.aaisp.net.uk. 1176 IN A 81.187.30.14 wilmot.me.uk.mail.aaisp.net.uk. 1176 IN A 81.187.30.19 ;; Query time: 0 msec ;; SERVER: 10.0.0.2#53(10.0.0.2) ;; WHEN: Fri Feb 19 15:48:49 2010 ;; MSG SIZE rcvd: 80
Anyway, there's enough to point me in the right direction.
From Steven_W
0 comments:
Post a Comment