authority prob? was Re: [Pdns-users] mx failure scenario

gnu not unix gnu at wraith.sf.ca.us
Thu Dec 21 22:50:32 UTC 2006


In message <192e943c0612211335t290b9332uddd3e92b72318b19 at mail.gmail.com> you wr
ite:
>On 12/21/06, gnu not unix <gnu at wraith.sf.ca.us> wrote:

(dns problems...)

>I'm not sure I see a problem:

>[augie at augnix ~]$ dig mx wraith.sf.ca.us +short
>512 smidge.wraith.sf.ca.us.

>http://www.dnsreport.com/tools/dnsreport.ch?domain=wraith.sf.ca.us.

At the www.dnsstuff.com site, on the right, you can see a box for
"DNS lookup" and if you enter wraith.sf.ca.us and specify
mx in the dropdown menu, it will query the (a,b,c).auth-ns.sonic.net
servers (their new ones running powerdns), and they authoritatively
state "MX not found."

On the left, there is a box for "dns report" and if you enter 
wraith.sf.ca.us you get a full gory report of all the glory of
the wraith.sf.ca.us zone. So, somehow, the dnsstuff site is 
on the one hand getting authoritative response "no MX" and
the other hand asking my servers for the zone and getting the
full MX, TXT, and other less common records.

>Now if you ask (a|b|c).auth-ns.sonic.net for the MX record you are
>right it does not answer with authoritative data, but then those
>servers are not authoritative for your zone; they are authoritative
>for the sf.ca.us zone, but then that's not the zone you are asking
>about.

Well the dnsstuff query claims that the abc.auth-ns hosts *are*
claiming authority for wraith.sf.ca.us which is why those hosts
dont return MX, because they don't have any such record, only
a NS record.

Now, their (Sonic's) old server has recursion on, and things
were ducky. Now, their new servers (a/b/c.auth-ns) do not have
recursion on. I wonder if this has any bearing on my problem?
I have an email into sonic support, no answer so far (heh yes
maybe they are hit by the email prob now, but a previous email
to their support got through).


>Also from several hosts I am unable to query one of your name servers:

><augie at enigma> ~ $ dig mx wraith.sf.ca.us @smidge.wraith.sf.ca.us

>; <<>> DiG 9.2.4 <<>> mx wraith.sf.ca.us @smidge.wraith.sf.ca.us
>;; global options:  printcmd
>;; connection timed out; no servers could be reached

Thanks for this report, I don't know what's going on with that
error though. The smidge host has an IPv6 tunnel and perhaps
there is a transient failure with that? Perhaps force the
ipv4 address of smidge there (192.58.220.65).


Ahh a message from sonic, perhaps their support can forward
my email from this morning to Kelsey (waves hello).

../Steven
appreciates all the help from everyone


More information about the Pdns-users mailing list