Date: Fri, 22 Nov 2002 09:32:07 +0000
From: Matthew Seaman
To: Jeff
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: dns problem

On Thu, Nov 21, 2002 at 11:15:34PM -0500, Jeff wrote:

> I'm not sure why the only requests that go out are the AAAA requests and not
> the A's... as I mentioned before, this is the only domain that I have
> experienced this behavior on, but the test set is small enough that I don't
> want to assume it's etrade, especially since I see my server only sending
> AAAA's out.

As far as I can tell, the DNS servers for etrade.com are working fine
now. I can see the site perfectly well myself. They haven't got any
AAAA addresses in their zone data, but their servers are responding
correctly with NXDomain messages when queried for them. Your web
browser should then proceed to doing an IPv4 lookup and work with
that.

The reason you aren't seeing the A queries going out of your external
firewall interface is that they've been cached on your internal
server. The negative responses to AAAA queries aren't cached for any
great length of time, so you're a lot more likely to see your server
emitting recursive queries for them.

The problem seems to be this:

> 22:54:51.702916 192.168.25.200.41933 > 192.168.25.101.53:
> 63227+ A? www.etrade.com. (32)
> 22:54:51.702992 192.168.25.101.53 > 192.168.25.200.41933:
> 63227 NXDomain 0/0/0 (32)

Your DNS is not returning the correct IP number in response to an A
query. Somehow it has cached the wrong data, and it's not refreshing
it from the authoritative source. You should see something like this
if you try looking them up with dig(1):

% dig www.etrade.com IN A

; <<>> DiG 8.3 <<>> www.etrade.com IN A
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 0
;; QUERY SECTION:
;;      www.etrade.com, type = A, class = IN

;; ANSWER SECTION:
www.etrade.com.         15S IN A        12.153.224.22

;; AUTHORITY SECTION:
www.etrade.com.         23h59m59s IN NS gsched3.etrade.com.
www.etrade.com.         23h59m59s IN NS gsched4.etrade.com.
www.etrade.com.         23h59m59s IN NS gsched2.etrade.com.

;; Total query time: 214 msec
;; FROM: happy-idiot-talk.infracaninophile.co.uk to SERVER: default -- 127.0.0.1
;; WHEN: Fri Nov 22 09:28:43 2002
;; MSG SIZE sent: 32 rcvd: 114

Dump the DNS cache using 'ndc dumpdb' and grep through it for
'etrade.com' to see if the entries look reasonable. Try restarting
your DNS server so it begins again with an empty cache.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
26 The Paddocks
Savill Way
Marlow
Bucks., SL7 1TH UK
Tel: +44 1628 476614
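
Added example (not part of the original message): a small parser that pairs queries and responses in a capture written in the tcpdump format quoted above, and lists names whose A query the local resolver answered with NXDomain, which are the entries worth checking against the authoritative servers with dig. The function names and all sample lines after the first pair are constructed for illustration.

```python
import re

# Constructed capture in the tcpdump DNS format quoted in the message.
# Only the first query/response pair comes from the message itself.
SAMPLE = """\
22:54:51.702916 192.168.25.200.41933 > 192.168.25.101.53: 63227+ A? www.etrade.com. (32)
22:54:51.702992 192.168.25.101.53 > 192.168.25.200.41933: 63227 NXDomain 0/0/0 (32)
22:54:52.100000 192.168.25.200.41934 > 192.168.25.101.53: 63228+ AAAA? www.etrade.com. (32)
22:54:52.100500 192.168.25.101.53 > 192.168.25.200.41934: 63228 NXDomain 0/0/0 (32)
22:54:53.000000 192.168.25.200.41935 > 192.168.25.101.53: 63229+ A? www.example.org. (33)
22:54:53.050000 192.168.25.101.53 > 192.168.25.200.41935: 63229 1/2/0 A 192.0.2.10 (97)
"""

# time, src.port > dst.port:, query id (plus flag characters), payload, (size)
LINE = re.compile(r"^\S+ (\S+)\.(\d+) > (\S+)\.(\d+): (\d+)\S* (.*?) \(\d+\)$")
QUERY = re.compile(r"^(\w+)\? (\S+)$")
ERROR_RCODES = ("NXDomain", "ServFail", "Refused", "FormErr", "NotImp")


def pair_dns(capture):
    """Match each query with its response on (client address, port, query id)."""
    pending, results = {}, []
    for line in capture.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # not a DNS line in the expected format
        src, sport, dst, dport, qid, rest = m.groups()
        if dport == "53":                       # client -> resolver
            q = QUERY.match(rest)
            if q:
                pending[(src, sport, qid)] = (q.group(1), q.group(2))
        elif sport == "53" and (dst, dport, qid) in pending:
            qtype, qname = pending.pop((dst, dport, qid))
            first = (rest.split() or [""])[0]
            # tcpdump prints the rcode only when it is not NOERROR
            rcode = first if first in ERROR_RCODES else "NOERROR"
            results.append((qname, qtype, rcode))
    return results


def suspect_a_answers(capture):
    """Names for which an A query came back NXDomain from the resolver."""
    return sorted({n for n, t, r in pair_dns(capture)
                   if t == "A" and r == "NXDomain"})


if __name__ == "__main__":
    for name in suspect_a_answers(SAMPLE):
        print("verify against authoritative servers:", name)
```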