From owner-freebsd-questions Thu Nov 21 20:15:46 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9224C37B401 for ; Thu, 21 Nov 2002 20:15:44 -0800 (PST) Received: from thevoid.delnoch.net (thevoid.delnoch.net [66.93.83.238]) by mx1.FreeBSD.org (Postfix) with ESMTP id AEEA943E4A for ; Thu, 21 Nov 2002 20:15:40 -0800 (PST) (envelope-from jeffi@rcn.com) Received: by thevoid.delnoch.net (Postfix, from userid 1000) id D2601F94A; Thu, 21 Nov 2002 23:15:34 -0500 (EST) Date: Thu, 21 Nov 2002 23:15:34 -0500 From: Jeff To: freebsd-questions@freebsd.org Subject: dns problem Message-ID: <20021122041534.GA71059@rcn.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I'm running into a DNS problem, I'm not certain where the problem is, but hopefully with this information someone can assist me. the problem right now is exclusively with *.etrade.com I am running an internal DNS server. (FBSD-4.6.2/named-8.3.3 with the most recent security patches, and the most recent named.root) If I use an application that only tries to query A? it works successfully. (i.e. ping/traceroute) But if it queries AAAA?, then it runs into problems. The clients I have tried this on, have been various BSD boxes, all produce the same result. > telnet www.etrade.com 80 www.etrade.com: No address associated with hostname .101 is the server, .200 is the client *tcpdump from dns server interface* 22:54:51.612851 192.168.25.200.10852 > 192.168.25.101.53: 60253+ AAAA? www.etrade.com. (32) 22:54:51.613108 192.168.25.101.53 > 198.6.1.18.53: 1950 AAAA? www.etrade.com. (32) 22:54:51.653100 198.6.1.18.53 > 192.168.25.101.53: 1950- 0/3/3 (146) 22:54:51.653551 192.168.25.101.53 > 12.153.224.23.53: 24903 AAAA? www.etrade.com. (32) 22:54:51.701327 12.153.224.23.53 > 192.168.25.101.53: 24903 NXDomain- 0/0/0 (32) 22:54:51.701486 192.168.25.101.53 > 192.168.25.200.10852: 60253 NXDomain 0/0/0 (32) 22:54:51.702916 192.168.25.200.41933 > 192.168.25.101.53: 63227+ A? www.etrade.com. (32) 22:54:51.702992 192.168.25.101.53 > 192.168.25.200.41933: 63227 NXDomain 0/0/0 (32) 22:54:51.705283 192.168.25.200.18126 > 192.168.25.101.53: 58449+ AAAA? www.etrade.com.(my-domain.appended.here). (44) 22:54:51.705425 192.168.25.101.53 > 192.168.25.200.18126: 58449 NXDomain* 0/1/0 (92) 22:54:51.710606 192.168.25.200.45887 > 192.168.25.101.53: 36435+ A? www.etrade.com.(my-domain.appended.here). (44) 22:54:51.710698 192.168.25.101.53 > 192.168.25.200.45887: 36435 NXDomain* 0/1/0 (92) *tcpdump on the external firewall interface* 22:54:51.007232 my.ip.goes.here.57107 > 198.6.1.18.53: 1950 AAAA? www.etrade.com. (32) 22:54:51.046922 198.6.1.18.53 > my.ip.goes.here.57107: 1950- 0/3/3 (146) (DF) 22:54:51.047638 my.ip.goes.here.62276 > 12.153.224.23.53: 24903 AAAA? www.etrade.com. (32) 22:54:51.095178 12.153.224.23.53 > my.ip.goes.here.62276: 24903 NXDomain- 0/0/0 (32) ... I'm not sure why the only requests that go out are the AAAA requests and not the A's... as I mentioned before, this is the only domain that I have experienced this behavior on, but the test set is small enough that I dont want to assume its etrade, especially since I see my server only sending AAAA's out. And insight is appreciated Jeff To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message