[Dnsmasq-discuss] can resolve 1 specific host

Sun Nov 15 15:32:57 GMT 2009

Knud wrote:
> Hi Simon
> 
> Just tested again...same issue again
> 
> asking my upstream nameserver...
> camping.dba.dk => unknown
> www.dba.dk => ok
> again camping.dba.dk => now ok !

Yes, I tried again and saw the same thing.

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;camping.dba.dk.			IN	A

;; ANSWER SECTION:
camping.dba.dk.		600	IN	CNAME	www.dba.dk.

;; Query time: 77 msec

repeat:

;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 4

;; QUESTION SECTION:
;camping.dba.dk.			IN	A

;; ANSWER SECTION:
camping.dba.dk.		585	IN	CNAME	www.dba.dk.
www.dba.dk.		1787	IN	A	91.213.17.20

;; AUTHORITY SECTION:
dba.dk.			21587	IN	NS	ns6.netnames.net.
dba.dk.			21587	IN	NS	ns1.netnames.net.
dba.dk.			21587	IN	NS	ns5.netnames.net.
dba.dk.			21587	IN	NS	ns2.netnames.net.

;; ADDITIONAL SECTION:
ns6.netnames.net.	168883	IN	A	199.7.69.253
ns1.netnames.net.	21747	IN	A	204.74.108.253
ns5.netnames.net.	168883	IN	A	199.7.68.253
ns2.netnames.net.	168883	IN	A	62.128.146.40

;; Query time: 46 msec

Looks like once the upstream server has the CNAME cached, it works OK,
but not before. There are more clues there, as it tells us the
authoritative nameservers (Ie the ones that hold the configured data)
are a netnames.net.

We can ask one of those direct:

srk at spike$ dig @ns6.netnames.net camping.dba.dk

; <<>> DiG 9.5.1-P3 <<>> @ns6.netnames.net camping.dba.dk
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10510
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;camping.dba.dk.			IN	A

;; ANSWER SECTION:
camping.dba.dk.		600	IN	CNAME	www.dba.dk.

;; Query time: 22 msec
;; SERVER: 199.7.69.253#53(199.7.69.253)
;; WHEN: Sun Nov 15 15:20:05 2009
;; MSG SIZE  rcvd: 50

Which probably shows a real problem. That nameserver always gives that
data without the A record.

But even more strange, the netnames.net nameservers are not the real
authoritative ones for dba.dk

srk at spike:/mnt/onetouch/simon/torrents$ dig ns dba.dk

; <<>> DiG 9.5.1-P3 <<>> ns dba.dk
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46594
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2

;; QUESTION SECTION:
;dba.dk.				IN	NS

;; ANSWER SECTION:
dba.dk.			43888	IN	NS	ns1.danhost.dk.
dba.dk.			43888	IN	NS	ns0.danhost.dk.

;; ADDITIONAL SECTION:
ns0.danhost.dk.		14276	IN	A	217.195.182.61
ns1.danhost.dk.		13926	IN	A	195.140.132.26

;; Query time: 9 msec
;; SERVER: 192.168.0.4#53(192.168.0.4)
;; WHEN: Sun Nov 15 15:27:37 2009
;; MSG SIZE  rcvd: 100

so the 89.184.128.193 nameserver you are using is very confused, I
think. It's using the wrong authoritative nameservers for dba.dk and
getting the wrong answers, which it is passing on. At this point it's
probably best to pass the whole mess over to the admins of
89.184.128.193 (your ISP?) CC: me on the mail if you wish, in case I can
provide more information.

> 
> restart my dnsmasq makes it to known www.dba.dk and camping.dba.dk
> 
> I am running another dnsmasq server (at a school) with another upstream
> nameserver...there seems no problems

I see the same: there's something wrong with 89.184.128.193, for sure.

> It is another version of dnsmasq included in the FREESCO packged.
> But it seems not to be a dnsmasq issue but further upstream problem
> 
> Just strange that this specific host gives problems and not others (to
> my knowlegde)

Cheers,

Simon.