From owner-freebsd-isp@FreeBSD.ORG  Fri Mar  3 23:33:21 2006
Return-Path: <owner-freebsd-isp@FreeBSD.ORG>
X-Original-To: freebsd-isp@freebsd.org
Delivered-To: freebsd-isp@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6C21C16A420
	for <freebsd-isp@freebsd.org>; Fri,  3 Mar 2006 23:33:21 +0000 (GMT)
	(envelope-from mlevans@blacksburg.net)
Received: from vulcan.blacksburg.net (ns3.blacksburg.net [72.236.213.10])
	by mx1.FreeBSD.org (Postfix) with ESMTP id E634543D46
	for <freebsd-isp@freebsd.org>; Fri,  3 Mar 2006 23:33:18 +0000 (GMT)
	(envelope-from mlevans@blacksburg.net)
X-Envelope-From: mlevans@blacksburg.net
Received: from p0ts1.blacksburg.net (pluto.blacksburg.net [72.236.213.5])
	by vulcan.blacksburg.net (8.13.3/8.13.3) with ESMTP id k23NXD63038162; 
	Fri, 3 Mar 2006 18:33:14 -0500 (EST)
	(envelope-from mlevans@blacksburg.net)
Message-Id: <6.2.5.6.0.20060303181946.055037e0@blacksburg.net>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Fri, 03 Mar 2006 18:33:05 -0500
To: freebsd-isp@freebsd.org, Troy Settle <troy@psknet.com>
From: Lyle Evans <mlevans@blacksburg.net>
In-Reply-To: <4408BD81.1010303@psknet.com>
References: <4408BD81.1010303@psknet.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.0b1
	(vulcan.blacksburg.net [72.236.213.35]);
	Fri, 03 Mar 2006 18:33:15 -0500 (EST)
Cc: 
Subject: Re: dns issues?
X-BeenThere: freebsd-isp@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Internet Services Providers <freebsd-isp.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-isp>,
	<mailto:freebsd-isp-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-isp>
List-Post: <mailto:freebsd-isp@freebsd.org>
List-Help: <mailto:freebsd-isp-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-isp>,
	<mailto:freebsd-isp-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Mar 2006 23:33:21 -0000

At 05:04 PM 03/03/2006, you wrote:

>Can anyone tell me why the resolver on my 4-STABLE box (updated 3 
>months ago), would suddenly stop being able to resolve 
>krab.centaf.af.mil?  A restart of named fixed the issue, but I'm 
>curious as to why it would stop resolving in the first place.  I've 
>googled, but haven't found anything relevant to the issue.
>
>This has caused much grief for one of my customers who's son is in 
>Iraq, and I'd like to prevent it from happening again in the future.


Troy,
         It looks like to me one of the 2 Name servers for 
krab.centaf.af.mil is misconfigured,
no A records. I would drop the appropriate admins a friendly note. If 
they don't fix it,
you could put a local host entry. The bad entry was poisoning your 
cache and at TTL expiration
Bind tries again with a 50% per cent chance (or maybe more since the 
bad DNS server is listed
first), of getting a bad entry again. They are probably other ways of 
fixing the problem also.

Regards,
Lyle Evans
Blacksburg.Net

...

centaf.af.mil.          1D IN NS        ns.centaf.af.mil.
centaf.af.mil.          1D IN NS        centaf-3253.centaf.af.mil.

;; ADDITIONAL SECTION:
ns.centaf.af.mil.       1D IN A         207.133.180.250
centaf-3253.centaf.af.mil.  1D IN A  207.133.180.243

;; Total query time: 165 msec
;; FROM: vulcan.blacksburg.net to SERVER: 132.25.88.211
;; WHEN: Fri Mar  3 18:09:43 2006
;; MSG SIZE  sent: 36  rcvd: 111

-su-2.05b# ping krab.centaf.af.mil
ping: cannot resolve krab.centaf.af.mil: No address associated with name
-su-2.05b# dig @207.133.180.250 krab.centaf.af.mil

; <<>> DiG 8.3 <<>> @207.133.180.250 krab.centaf.af.mil
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36582
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUERY SECTION:
;;      krab.centaf.af.mil, type = A, class = IN

;; AUTHORITY SECTION:
krab.centaf.af.mil.     2h58m1s IN SOA  ns1.aorcentaf.af.mil. 
root.ns1.aorcentaf.af.mil. (
                                         2005080401      ; serial
                                         8H              ; refresh
                                         1H              ; retry
                                         2W              ; expiry
                                         1D )            ; minimum


;; Total query time: 474 msec
;; FROM: vulcan.blacksburg.net to SERVER: 207.133.180.250
;; WHEN: Fri Mar  3 18:15:50 2006
;; MSG SIZE  sent: 36  rcvd: 91

-su-2.05b# dig @207.133.180.243 krab.centaf.af.mil

; <<>> DiG 8.3 <<>> @207.133.180.243 krab.centaf.af.mil
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54793
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
;; QUERY SECTION:
;;      krab.centaf.af.mil, type = A, class = IN

;; AUTHORITY SECTION:
krab.centaf.af.mil.     1D IN NS        ns2.aorcentaf.af.mil.
krab.centaf.af.mil.     1D IN NS        ns1.aorcentaf.af.mil.

;; ADDITIONAL SECTION:
ns1.aorcentaf.af.mil.   8h55m16s IN A   153.26.176.42
ns2.aorcentaf.af.mil.   11h18m33s IN A  153.24.70.42

;; Total query time: 110 msec
;; FROM: vulcan.blacksburg.net to SERVER: 207.133.180.243
;; WHEN: Fri Mar  3 18:16:36 2006
;; MSG SIZE  sent: 36  rcvd: 114