Drifting OT (was Re: FW: "no data known" vrs "host not found" )

Drifting OT (was Re: FW: "no data known" vrs "host not found" )

Post by admjc » Thu, 04 Apr 2002 23:37:39



The ANY querys only fail from our local DNS servers not from any others on the internet including the ones at army.mil also there are several other domains that return this error intermittently. So is it more of an DNS error on which side? I found this about DNS from:

http://archives.neohapsis.com/archives/bind/2001/0036.html

818. [bug] Certain pathological responses to ANY queries could
                        cause an assertion failure. [RT #1218]

Does this fit my puzzle here?


Sent: Wednesday, April 03, 2002 8:31 AM

Subject: Drifting OT (was Re: FW: "no data known" vrs "host not found")




> > > Sendmail has traditionally done an ANY query so that it can get
> > > look up the MX and A records in one query, rather than first doing
> > > an MX query and then an A query if that fails.

> > > I'm not sure if this is a configurable option or it has changed in
> > > recent versions.

> > i could well be wrong, but i think this changed as of 8.10 or 8.11.

> I believe sendmail uses ANY queries up through 8.11.

Correct.  Just ran a test and checked the query log with sendmail-8.11.6-3.


Produces the following:

Apr 03 07:54:43.723 client 127.0.0.1#1207: query: www.gsa.gov IN ANY Apr 03 07:54:43.803 client 127.0.0.1#1207: query: www.wip.gsa.gov IN ANY Apr 03 07:54:44.026 client 127.0.0.1#1207: query: www.wip.gsa.gov IN MX Apr 03 07:54:44.078 client 127.0.0.1#1207: query: www.wip.gsa.gov IN ANY Apr 03 07:54:44.178 client 127.0.0.1#1207: query: www.wip.gsa.gov IN A

Interesting that it took five queries!  Have to look into that, I guess.

I also found an interesting DNS/sendmail interaction that I had not expected.

On my test lan, I have a machine corinth.athena.inc. that sometimes runs an http/s server but not mail servers.  In the athena.inc. zone were:
   athena.inc. CNAME corinth.athena.inc.
   athena.inc. MX 5 sparta.athena.inc.
   along with the usual A RRs.


The solution is to add a "sendmail alias" for athena.inc. to the appropriate sendmail configuration file ('access' in this case).  Now sendmail would accept the MX RR as a source for information rather than ignoring it and using the chain of athena.inc. ->CNAME
->corinth.athena.inc. ->A ->192.168.1.3 -.No MTA connection refused.

FWIW

From the RELEASE-NOTES for sendmail 8.12.0/8.12.0   2001/09/08

        T_ANY queries are no longer used by sendmail.

Regards,
Jim

- Show quoted text -

Quote:> - Kevin

 
 
 

Drifting OT (was Re: FW: "no data known" vrs "host not found" )

Post by Barry Margoli » Fri, 05 Apr 2002 01:02:08



>The ANY querys only fail from our local DNS servers not from any others
>on the internet including the ones at army.mil also there are several
>other domains that return this error intermittently. So is it more of an
>DNS error on which side? I found this about DNS from:

The failure I was referring to was the fact that some of the records that
are supposed to be in the Answer section are instead in the Authority
section of the reply.  I was able to reproduce this by querying the
army.mil servers directly.

Quote:>http://archives.neohapsis.com/archives/bind/2001/0036.html

>818. [bug] Certain pathological responses to ANY queries could
>                        cause an assertion failure. [RT #1218]

>Does this fit my puzzle here?

Only if your named process crash with an "Assertion failed" log message.
It doesn't sound like this is so.

--

Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.

 
 
 

Drifting OT (was Re: FW: "no data known" vrs "host not found" )

Post by Joseph S D Ya » Fri, 05 Apr 2002 01:44:04



> The ANY querys only fail from our local DNS servers not from any others on the internet including the ones at army.mil also there are several other domains that return this error intermittently. So is it more of an DNS error on which side? I found this about DNS from:

...

There appears to be the misconception that the ANY query is an ALL
query.  That is, the misconception appears to be that the ANY query
asks the local server to go out and get all the information for the
domain passed and return it.

As I understand it, the ANY query ONLY requests any information that
happens to be lying around.  So, if NONE is lying around, the name
server will go and get ANY information from the domain's name server,
iterating down from as close to the root as necessary.

However, if there happens to be any (ANY) information in the name
server on that domain, it will return it.  If it happens to be just NS
information, then that is what is returned.  If it's just SOA, or just
NS and A, then that is what is returned.

Or just MX.

Apologies if this has already been mentioned in this thread.  If my
mental model of the ANY record is incorrect, I'm sure that I will be
corrected.  ;-)

--

OSIS Center Systems Support                                     EMT-B
-----------------------------------------------------------------------
   This message is not an official statement of OSIS Center policies.