 |  |
At 9:27 AM -0400 9/23/01, andrew kagan wrote:
Re: weird dns error resolving "www"
From: Men & Mice Support
Date: Sunday, September 23, 2001
Time: 8:32:06 pm
> > >..does DNS Expert's info indicate
> > >it doesn't hold the zone data, or it's just "nonauthoritative"?
> >
> > it's answering but without authority.
>
>what does that mean? it's listed as one of the 3 NS records with NetSol and
>it's listed as an NS in the zone record...what makes it "authoritative" or
>is this even a problem?
A non-authoritative server is one that doesn't have (or isn't
loading, in the case of Bind) a full copy of the zone. If your master
server goes down, the non-authoritative slave won't help, except with
any data it's cached from the master server.
In other words, this is a problem.
> > >Also, if the primary NS _is_ responding, why would it make the resolut=
ion
> > >any slower if one of the NS's in non-operational?
> >
> > If the dead NS is queried first, then the resolver will timeout and the=
n
> > try the next. BIND actually queries all NS's and chooses the fastest
>one,
> > with lowest RTT, round-trip time.
>
>But that's not what was happening...I was seeing an immediate "server could
>not be found" error when trying to hit the site using "www" through a dialu=
p
>connection (but "gas2001.com" resolved immediately")...could that be a
>problem with another DNS caching a route to my DNS or something like that?
>(BTW: I was forced to move a bunch of servers, including the NS box, to a
>second location after the WTC disaster...my upstream re-routed my IPs to th=
e
>new location and I never edited the zone records in any way.)
If you're seeing an immediate, negative response, then there's
something wrong. Either a slave server is responding with bogus data,
or there's a problem with that CNAME record.
> > >Lastly, why is it more desirable to have 2 A records pointing to an IP
> > >instead of an A record and a CNAME?
> >
> > because CNAME's require a second query to retrieve the canonical's A
> > record, but more importanlty, CNAME's have rules that many people scre=
w
> > up, which breaks their zone (loss of authority).
>
>You saw my zone, and DNS Expert didn't say anything was wrong with using th=
e
>CNAME record, so why imply that I'm using it inappropriately?
A lot of people just don't like CNAME records, because of the
confusion factor and the possibility of slowing down resolution.
There is nothing "wrong" with the way you're using this particular
CNAME record.
> > ime, CNAME's seem to be a useless "knob to twist", ie, "oh, I haven=B4t
> > twisted any CNAME knobs yet, I better put some in my zone, "just=
because I
> > can" " :))
>
>I'm not associating the "www" with a CNAME because I'm trying to show off
>how clever I am... I'm doing it because that's what I've told is the correc=
t
>structure for the zone. If you're assuring me now that it's better to have
>multiple A records pointing to the same IP, then I'll do that instead.
Either way is fine, according to the rules.
> > btw, your www response pb's might be due not to DNS slow/not responding
>but
> > the www server or it's last-hop internet link being overwhelmed with ni=
mda
> > crap http requests, so that the web server isn't responding at all or
> > extremely slowly so that the browsers time out.
>
>I don't think that's the problem...I see a straight-through < 40ms response
>time down to the server when trace routing...and it shouldn't make a
>difference that one query is for "gas2001.com" or www.gas2001.com. I'm
>certainly no expert on DNS, but it looks more like something along the way,
>either a router or DNS, is either caching a defunct route and not finding a
>DNS there or the domain record is corrupted somewhere.
Are you still seeing the problem? If not, it will be impossible to
say for sure what was happening. If you are, though, can you tell us
what DNS server is giving back this result?
____________________________________________________________________
Chris Buxton Men & Mice
cbuxton@menandmice.com We Make DNS Easy!
Messages In This Thread:
Return to Digital Point Solutions' Home Page