Date: Tue, 12 Oct 2010 20:05:59 +1100 (EST) From: Ian Smith <smithi@nimnet.asn.au> To: Eugene Grosbein <egrosbein@rdtc.ru> Cc: net@freebsd.org Subject: Re: strange resolver behavour Message-ID: <20101012152857.X2036@sola.nimnet.asn.au> In-Reply-To: <4CB2AF28.30309@rdtc.ru> References: <4CB2AF28.30309@rdtc.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 11 Oct 2010, Eugene Grosbein wrote: > Hi! > > FreeBSD 8.1-STABLE: > > # host koin-nkz.com. > koin-nkz.com has address 62.231.164.101 > Host koin-nkz.com not found: 3(NXDOMAIN) > > This domain does not have MX records but NXDOMAIN seems to wrong return > code to me. Think about MTA that does look-up for MX first, > obtains NXDOMAIN and rejects mail. If a domain has no MX server, how's an MTA supposed to do mail with it? sola% host koin-nkz.com koin-nkz.com has address 62.231.164.101 Host koin-nkz.com not found: 2(SERVFAIL) I consistently get SERVFAIL for this one's MX server from here. Only querying its nameserver/s directly gets the proper (negative) answer: sola% dig +short koin-nkz.com ns ns.mtw.ru. ns1.mtw.ru. sola% dig +short @ns.mtw.ru koin-nkz.com 62.231.164.101 sola% dig +short @ns.mtw.ru koin-nkz.com mx sola% dig @ns.mtw.ru koin-nkz.com mx ; <<>> DiG 9.3.4-P1 <<>> @ns.mtw.ru koin-nkz.com mx ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12266 ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;koin-nkz.com. IN MX ;; AUTHORITY SECTION: koin-nkz.com. 43200 IN NS ns.mtw.ru. koin-nkz.com. 43200 IN NS ns1.mtw.ru. ;; ADDITIONAL SECTION: ns.mtw.ru. 43200 IN A 194.135.30.55 ns1.mtw.ru. 43200 IN A 193.124.133.210 ;; Query time: 397 msec ;; SERVER: 194.135.30.55#53(194.135.30.55) ;; WHEN: Tue Oct 12 15:35:10 2010 ;; MSG SIZE rcvd: 103 Further, checking RDNS: sola% dig +short koin-nkz.com 62.231.164.101 sola% host 62.231.164.101 101.164.231.62.in-addr.arpa domain name pointer 62-231-164-101.rdtc.ru. sola% host 62-231-164-101.rdtc.ru. Host 62-231-164-101.rdtc.ru not found: 3(NXDOMAIN) But RDNS probably really only matters for the MX (when it gets one :) > tcpdump shows that after MX look-up failure resolver adds my local > domain suffix from /etc/resolv.conf's "search" clause and > goes to my local DNS server looking for MX record for > 'koin-nkz.com.my.ru.' that does not exists. Hence, NXDOMAIN. > > Is it a bug in our resolver? Well perhaps - but it works right when the proper DNS records exist. > I've tested 6.4-STABLE and 7.3-STABLE, same effect. Yes, same on the last 5-STABLE. > I've also tested 4.11-STABLE and it works correctly - no wrong > suffix addition, no NXDOMAIN. > > Eugene Grosbein cheers, Ian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20101012152857.X2036>