On Mon 12 Jan, Philip Hazel wrote:
> On Mon, 12 Jan 1998, Tim Cutts wrote:
>
> > 16:43 mole:~> nslookup -querytype=mx mail.zoo.co.uk
> > Server: mole.bio.cam.ac.uk
> > Address: 131.111.36.9
> >
> > *** mole.bio.cam.ac.uk can't find mail.zoo.co.uk: Server failed
> >
> > which took a long time to appear (some sort of time out, I suppose). I'm
> > not much of a DNS expert, so:
> >
> > a) Could this be responsible for the error message that exim is
> > generating and if so,
>
> Yes. It's looking for the MX record and failing in this way.
>
> > b) Whose fault is it likely to be?
>
> The maintainer of the nameservers for zoo.co.uk. They seem to be broken:
>
> ursa$ dig @NS0.ZOO.NET.UK. mail.zoo.co.uk. mx
>
> ; <<>> DiG 2.1 <<>> @NS0.ZOO.NET.UK. mail.zoo.co.uk. mx
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 10
> ;; flags: qr rd ra; Ques: 1, Ans: 0, Auth: 0, Addit: 0
> ;; QUESTIONS:
> ;; mail.zoo.co.uk, type = MX, class = IN
>
> ;; Total query time: 5167 msec
> ;; FROM: ursa.cus.cam.ac.uk to SERVER: NS0.ZOO.NET.UK. 194.216.59.2
> ;; WHEN: Mon Jan 12 16:56:35 1998
> ;; MSG SIZE sent: 32 rcvd: 32
>
> Note that "SERVFAIL" status. However, it seems perfectly capable of
> returning A records. I suspect some configuration shambles, or maybe
> bugs in the actual zone file. I have once before seen another DNS server
> in the same state, but never discovered what actually caused it.
>
> The other one seems to be totally dead:
>
> ursa$ dig @NS1.ZOO.NET.UK. mail.zoo.co.uk. mx
>
> ; <<>> DiG 2.1 <<>> @NS1.ZOO.NET.UK. mail.zoo.co.uk. mx
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; res_send to server NS1.ZOO.NET.UK. 194.216.59.3: Connection timed out
> ursa$
>
> There is some tie up between zoo.co.uk and zoo.net.uk; something has got
> confused, I suspect. One can do an entire DNS zone
> transfer for the zoo.co.uk zone, and all looks well in there, with no MX
> record but just an A record for mail.zoo.co.uk.
>
> Ha! As I write, it seems to be working again...
Not properly though...
> nslookup
Default Server: localhost
Address: 127.0.0.1
> set q=soa
> zoo.co.uk.
Server: localhost
Address: 127.0.0.1
Non-authoritative answer:
zoo.co.uk
origin = ns0.zoo.net.uk
mail addr = hostmaster.zoo.net.uk
serial = 98010801
refresh = 10800 (3 hours)
retry = 3600 (1 hour)
expire = 432000 (5 days)
minimum ttl = 86400 (1 day)
Authoritative answers can be found from:
zoo.co.uk nameserver = NS0.ZOO.NET.uk
zoo.co.uk nameserver = NS1.ZOO.NET.uk
NS0.ZOO.NET.uk internet address = 194.216.59.2
NS1.ZOO.NET.uk internet address = 194.216.59.3
>
[ OK - ns0.zoo.net.uk should be teh authorative source for mail.zoo.co.uk
- let's as him... ]
> server ns0.zoo.co.uk.
Default Server: ns0.zoo.co.uk
Address: 194.216.59.2
> set q=a
> mail.zoo.co.uk.
Server: ns0.zoo.co.uk
Address: 194.216.59.2
Non-authoritative answer:
Name: mail.zoo.co.uk
Address: 194.216.59.4
At this point ns0.zoo.net.uk should be returing an Authorative
answer. The above state tends to screw things. I've seen this
a few times in our own DNS - and is usually caused by a silly
typo in the DNS file, such as a ',' in place of a '.' etc...
> mail.zoo.net.uk.
Server: ns0.zoo.co.uk
Address: 194.216.59.2
Name: zoo5.zoo.net.uk
Address: 194.216.59.5
Aliases: mail.zoo.net.uk
mail.zoo.net.uk. does not seem to be suffering - so the problem
really shoul dbe in te zoo.co.uk file somewhere... I could imagine
it is quite big though. To help me find the culprit list time
I used a program called nslint (or dnslint? mmm) which (after cutting
a lot of warnings out) lead me to th problem....
Regards
aid
--
Adrian J Bool | mailto:aid@u-net.net
Network Operations | http://www.noc.u-net.net/
U-NET Ltd, UK | tel://44.1925.484461/
--
*** Exim information can be found at
http://www.exim.org/ ***
