pc losing ability to resolve dns

[Kevin D. Goodknecht Sr. [MVP]]

In Jonathan de Boyne Pollard <[email protected]>
posted their concerns,
Then Kevin D4Dad added his reply at the bottom.

AF> We're kind of like doctors....

The methods of problem diagnosis are the same in many walks of life,
from doctors treating patients to car mechanics fixing vehicle
breakdowns. It's amazing how many people think that problems with
computers are somehow exempt from the requirements for complete and
accurate information that are there in all other walks of life, and
as a consequence present their computer problems on free technical
support forums in a way that would earn them very short shrift indeed
were they to do similar with a doctor or a mechanic whose time and
assistance they weren't paying for.

I suspect that only an exceptionally masochistic doctor would indulge
the following kind of timewasting for free:

Patient: Doctor, if I move one of my limbs for a while,
I encounter problems. Any ideas ?
Doctor: What sort of problems ? Which limb are you
moving ? How are you moving it ?
Patient: I said already. It's one of my limbs.
Doctor: It's tough to guess which limb. Please tell me.
Patient: It happens with the limb on the other side, too.
Doctor: But what are you doing, what actually happens, and
which part of your body is involved ? I'm a
doctor. I need a description of your symptoms to
work with and you aren't telling me a single thing.
Patient: I'm not trying to be hard headed or secretive.
I just want you to answer my question.

I suppose the doctor should tell him what Crazy said in his post, since it
is causing you problems, let's just amputate the one that I guess it is and
hope, I amputate the right one.

ROFLOL

 

[Jonathan de Boyne Pollard]

AF> WHen I tried it, with the d2 option, it said they were
AF> allowing recursion, unless I looked in the wrong spot.

Kevin said that 151.164.1.1 and 151.164.1.7 are the "sbcglobal.net."
content DNS servers. However, the listings in the public DNS
database that are visible from here give 206.13.28.11 instead of
151.164.1.7 :

[C:\]dnsgetns sbcglobal.net.
206.13.28.11
151.164.1.1

[C:\]

Responses from both of those content DNS servers to here have
the RA flag set to 0:

[C:\]dnsqry /serverip:151.164.1.1 soa sbcglobal.net. | grep /b/u "(Header:|->)"
[0.0.0.0:0000] -> [151.164.1.1:0035] 31
Header: 0000 1+0+0+0, Q, , query, no_error
[151.164.1.1:0035] -> [0.0.0.0:0000] 157
Header: 0000 1+1+2+2, R, AUTH, query, no_error

[C:\]dnsqry /serverip:206.13.28.11 soa sbcglobal.net. | grep /b/u "(Header:|->)"
[0.0.0.0:0000] -> [206.13.28.11:0035] 31
Header: 0000 1+0+0+0, Q, , query, no_error
[206.13.28.11:0035] -> [0.0.0.0:0000] 157
Header: 0000 1+1+2+2, R, AUTH, query, no_error

[C:\]

Responses from 151.164.1.7 to here, however, have the
RA flag set to 1:

[C:\]dnsqry /serverip:151.164.1.7 soa sbcglobal.net. | grep /b/u "(Header:|->)"
[0.0.0.0:0000] -> [151.164.1.7:0035] 31
Header: 0000 1+0+0+0, Q, , query, no_error
[151.164.1.7:0035] -> [0.0.0.0:0000] 157
Header: 0000 1+1+2+2, R, RA|AUTH, query, no_error

[C:\]

 

[Ace Fekay [MVP]]

-----Original Message-----
AF> We're kind of like doctors....

The methods of problem diagnosis are the same in many walks of life, from
doctors treating patients to car mechanics fixing vehicle breakdowns. It's
amazing how many people think that problems with computers are somehow exempt
from the requirements for complete and accurate information that are there in
all other walks of life, and as a consequence present their computer problems
on free technical support forums in a way that would earn them very short
shrift indeed were they to do similar with a doctor or a mechanic whose time
and assistance they weren't paying for.

I suspect that only an exceptionally masochistic doctor would indulge the
following kind of timewasting for free:

Patient: Doctor, if I move one of my limbs for a while,
I encounter problems. Any ideas ?
Doctor: What sort of problems ? Which limb are you
moving ? How are you moving it ?
Patient: I said already. It's one of my limbs.
Doctor: It's tough to guess which limb. Please tell me.
Patient: It happens with the limb on the other side, too.
Doctor: But what are you doing, what actually happens, and
which part of your body is involved ? I'm a
doctor. I need a description of your symptoms to
work with and you aren't telling me a single thing.
Patient: I'm not trying to be hard headed or secretive.
I just want you to answer my question.
.

Ahh, I'm just a cook...




Ace

 

[Ace Fekay [MVP]]

In Kevin D. Goodknecht Sr. [MVP] <[email protected]> posted his concerns
then I replied down below:

Ok, I see what you mean. I didn't look down further for the referral. The
top portion when I ran it says it's available. Look:

C:\>nslookup
Default Server: ponyexpress.bandwidthpros.com
Address: 208.47.39.10

set d2
server 151.164.1.1

------------
SendRequest(), len 42
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0

QUESTIONS:
1.1.164.151.in-addr.arpa, type = PTR, class = IN

------------
------------
Got answer (134 bytes):
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion
avail.
questions = 1, answers = 1, authority records = 2, additional = 2

QUESTIONS:
1.1.164.151.in-addr.arpa, type = PTR, class = IN
ANSWERS:
-> 1.1.164.151.in-addr.arpa
type = PTR, class = IN, dlen = 16
name = ns1.swbell.net
ttl = 7200 (2 hours)
AUTHORITY RECORDS:
-> 1.164.151.in-addr.arpa
type = NS, class = IN, dlen = 2
nameserver = ns1.swbell.net
ttl = 172800 (2 days)
-> 1.164.151.in-addr.arpa
type = NS, class = IN, dlen = 6
nameserver = ns2.swbell.net
ttl = 172800 (2 days)
ADDITIONAL RECORDS:
-> ns1.swbell.net
type = A, class = IN, dlen = 4
internet address = 151.164.1.1
ttl = 900 (15 mins)
-> ns2.swbell.net
type = A, class = IN, dlen = 4
internet address = 151.164.1.7
ttl = 900 (15 mins)

------------
Default Server: ns1.swbell.net
Address: 151.164.1.1

bandwidthpros.com

Server: ns1.swbell.net
Address: 151.164.1.1

------------
SendRequest(), len 53
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0

QUESTIONS:
bandwidthpros.com.bandwidthpros.com, type = A, class = IN

------------
------------
Got answer (485 bytes):
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: response, want recursion
questions = 1, answers = 0, authority records = 13, additional =
13

QUESTIONS:
bandwidthpros.com.bandwidthpros.com, type = A, class = IN
AUTHORITY RECORDS:
-> com
type = NS, class = IN, dlen = 20
nameserver = A.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = G.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = H.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = C.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = I.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = B.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = D.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = L.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = F.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = J.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = K.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = E.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = M.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
ADDITIONAL RECORDS:
-> A.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.5.6.30
ttl = 35986 (9 hours 59 mins 46 secs)
-> G.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.42.93.30
ttl = 85146 (23 hours 39 mins 6 secs)
-> H.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.54.112.30
ttl = 139994 (1 day 14 hours 53 mins 14 secs)
-> C.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.26.92.30
ttl = 145850 (1 day 16 hours 30 mins 50 secs)
-> I.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.43.172.30
ttl = 44805 (12 hours 26 mins 45 secs)
-> B.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.33.14.30
ttl = 55320 (15 hours 22 mins)
-> D.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.31.80.30
ttl = 147917 (1 day 17 hours 5 mins 17 secs)
-> L.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.41.162.30
ttl = 151374 (1 day 18 hours 2 mins 54 secs)
-> F.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.35.51.30
ttl = 150873 (1 day 17 hours 54 mins 33 secs)
-> J.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.48.79.30
ttl = 90535 (1 day 1 hour 8 mins 55 secs)
-> K.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.52.178.30
ttl = 102786 (1 day 4 hours 33 mins 6 secs)
-> E.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.12.94.30
ttl = 144663 (1 day 16 hours 11 mins 3 secs)
-> M.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.55.83.30
ttl = 154700 (1 day 18 hours 58 mins 20 secs)

------------
------------
SendRequest(), len 35
HEADER:
opcode = QUERY, id = 4, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0

QUESTIONS:
bandwidthpros.com, type = A, class = IN

------------
------------
Got answer (467 bytes):
HEADER:
opcode = QUERY, id = 4, rcode = NOERROR
header flags: response, want recursion
questions = 1, answers = 0, authority records = 13, additional =
13

QUESTIONS:
bandwidthpros.com, type = A, class = IN
AUTHORITY RECORDS:
-> com
type = NS, class = IN, dlen = 20
nameserver = A.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = G.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = H.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = C.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = I.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = B.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = D.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = L.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = F.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = J.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = K.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = E.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
-> com
type = NS, class = IN, dlen = 4
nameserver = M.GTLD-SERVERS.NET
ttl = 34117 (9 hours 28 mins 37 secs)
ADDITIONAL RECORDS:
-> A.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.5.6.30
ttl = 35986 (9 hours 59 mins 46 secs)
-> G.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.42.93.30
ttl = 85146 (23 hours 39 mins 6 secs)
-> H.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.54.112.30
ttl = 139994 (1 day 14 hours 53 mins 14 secs)
-> C.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.26.92.30
ttl = 145850 (1 day 16 hours 30 mins 50 secs)
-> I.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.43.172.30
ttl = 44805 (12 hours 26 mins 45 secs)
-> B.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.33.14.30
ttl = 55320 (15 hours 22 mins)
-> D.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.31.80.30
ttl = 147917 (1 day 17 hours 5 mins 17 secs)
-> L.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.41.162.30
ttl = 151374 (1 day 18 hours 2 mins 54 secs)
-> F.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.35.51.30
ttl = 150873 (1 day 17 hours 54 mins 33 secs)
-> J.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.48.79.30
ttl = 90535 (1 day 1 hour 8 mins 55 secs)
-> K.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.52.178.30
ttl = 102786 (1 day 4 hours 33 mins 6 secs)
-> E.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.12.94.30
ttl = 144663 (1 day 16 hours 11 mins 3 secs)
-> M.GTLD-SERVERS.NET
type = A, class = IN, dlen = 4
internet address = 192.55.83.30
ttl = 154700 (1 day 18 hours 58 mins 20 secs)

------------
Name: bandwidthpros.com
Served by:
- A.GTLD-SERVERS.NET
192.5.6.30
com
- G.GTLD-SERVERS.NET
192.42.93.30
com
- H.GTLD-SERVERS.NET
192.54.112.30
com
- C.GTLD-SERVERS.NET
192.26.92.30
com
- I.GTLD-SERVERS.NET
192.43.172.30
com
- B.GTLD-SERVERS.NET
192.33.14.30
com
- D.GTLD-SERVERS.NET
192.31.80.30
com
- L.GTLD-SERVERS.NET
192.41.162.30
com
- F.GTLD-SERVERS.NET
192.35.51.30
com
- J.GTLD-SERVERS.NET
192.48.79.30
com



Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Ace Fekay [MVP]]

In

The methods of problem diagnosis are the same in many walks of life,
from doctors treating patients to car mechanics fixing vehicle
breakdowns. It's amazing how many people think that problems with
computers are somehow exempt from the requirements for complete and
accurate information that are there in all other walks of life, and
as a consequence present their computer problems on free technical
support forums in a way that would earn them very short shrift indeed
were they to do similar with a doctor or a mechanic whose time and
assistance they weren't paying for.

I suspect that only an exceptionally masochistic doctor would indulge
the following kind of timewasting for free:

Patient: Doctor, if I move one of my limbs for a while,
I encounter problems. Any ideas ?
Doctor: What sort of problems ? Which limb are you
moving ? How are you moving it ?
Patient: I said already. It's one of my limbs.
Doctor: It's tough to guess which limb. Please tell me.
Patient: It happens with the limb on the other side, too.
Doctor: But what are you doing, what actually happens, and
which part of your body is involved ? I'm a
doctor. I need a description of your symptoms to
work with and you aren't telling me a single thing.
Patient: I'm not trying to be hard headed or secretive.
I just want you to answer my question.

Sounds almost like the Monty Python skit in the "Search for the Holly
Grail"...

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Kevin D. Goodknecht Sr. [MVP]]

In Ace Fekay [MVP] <PleaseSubstituteMyFirstName&[email protected]>
posted their concerns,
Then Kevin D4Dad added his reply at the top.

In Kevin D. Goodknecht Sr. [MVP] <[email protected]> posted his
concerns then I replied down below:

Ok, I see what you mean. I didn't look down further for the referral.
The top portion when I ran it says it's available. Look:

When you type server 151.164.1.1 since you are pointing to your DNS it is
running a reverse lookup on the the IP address you entered. I guess this is
one of those confusing things nslookup does that Jonathan is always ranting
about.
Anyway the top section, where you entered change server command is your name
server answer for the lookup you ran against it doing the reverse lookup on
SBC's IP address. If you take a closer look your DNS return the authority
records on the IP address.

 

[Ace Fekay [MVP]]

In Kevin D. Goodknecht Sr. [MVP] <[email protected]> posted his concerns
then I replied down below:
Gotchya. I didn't look further down and just at the top part.

But if you notice, I changed servers. Look back at the output. I was
actually using 151.164.1.7 and not my own server.


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Ace Fekay [MVP]]

In Ace Fekay [MVP] <PleaseSubstituteMyFirstName&[email protected]>
posted his concerns then I replied down below:

Kevin, check this out:

C:\bind>dig @151.164.1.7 lsaol.net any

; <<>> DiG 9.2.2rc1 <<>> @151.164.1.7 lsaol.net any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;lsaol.net. IN ANY

;; ANSWER SECTION:
lsaol.net. 172800 IN NS ns1.lsaol.com.
lsaol.net. 172800 IN NS ns2.lsaol.com.

;; AUTHORITY SECTION:
lsaol.net. 172800 IN NS ns1.lsaol.com.
lsaol.net. 172800 IN NS ns2.lsaol.com.

;; ADDITIONAL SECTION:
ns1.lsaol.com. 172800 IN A 65.65.91.209
ns2.lsaol.com. 172800 IN A 65.65.91.212

;; Query time: 125 msec
;; SERVER: 151.164.1.7#53(151.164.1.7)
;; WHEN: Mon Jul 14 23:55:02 2003
;; MSG SIZE rcvd: 132

And This:==================================

C:\bind>dig @151.164.1.7 www.lsaol.net any

; <<>> DiG 9.2.2rc1 <<>> @151.164.1.7 www.lsaol.net any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.lsaol.net. IN ANY

;; ANSWER SECTION:
www.lsaol.net. 3600 IN A 65.65.91.209

;; Query time: 140 msec
;; SERVER: 151.164.1.7#53(151.164.1.7)
;; WHEN: Mon Jul 14 23:55:39 2003
;; MSG SIZE rcvd: 47


C:\bind>




--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Kevin D. Goodknecht Sr. [MVP]]

In Ace Fekay [MVP] <PleaseSubstituteMyFirstName&[email protected]>
posted their concerns,
Then Kevin D4Dad added his reply at the bottom.

In Ace Fekay [MVP] <PleaseSubstituteMyFirstName&[email protected]>
posted his concerns then I replied down below:

Kevin, check this out:

C:\bind>dig @151.164.1.7 lsaol.net any

; <<>> DiG 9.2.2rc1 <<>> @151.164.1.7 lsaol.net any

OK Ace, after checking into this I found that ns1.swbell.net is non
recursive and ns2.swbell allows recursion ns2 holds secondary zones for ns1
and after talking to them about hosting a secondary zone for
lonestaramerica.com I found something interesting the any zone on ns1 is
replicated to the ns2 name server.
I'm not exactly sure how they do that but it is interesting that it happens
I guess I should have asked Patrick (one of the DNS admins) how this is
done.

Oh BTW, lsaol.net is about to go to AOL so it soon won't be mine, remember
me telling you of the agreement I made with them to settle the dispute over
lsaol.com and lsaol.net? They get one I get one.

 

[Kevin D. Goodknecht Sr. [MVP]]

In Jonathan de Boyne Pollard <[email protected]>
posted their concerns,
Then Kevin D4Dad added his reply at the bottom.

AF> WHen I tried it, with the d2 option, it said they were
AF> allowing recursion, unless I looked in the wrong spot.

Kevin said that 151.164.1.1 and 151.164.1.7 are the "sbcglobal.net."
content DNS servers. However, the listings in the public DNS
database that are visible from here give 206.13.28.11 instead of
151.164.1.7 :

[C:\]dnsgetns sbcglobal.net.
206.13.28.11
151.164.1.1

[C:\]

Responses from both of those content DNS servers to here have
the RA flag set to 0:

[C:\]dnsqry /serverip:151.164.1.1 soa sbcglobal.net. | grep /b/u
"(Header:|->)" [0.0.0.0:0000] -> [151.164.1.1:0035] 31
Header: 0000 1+0+0+0, Q, , query, no_error
[151.164.1.1:0035] -> [0.0.0.0:0000] 157
Header: 0000 1+1+2+2, R, AUTH, query, no_error

[C:\]dnsqry /serverip:206.13.28.11 soa sbcglobal.net. | grep /b/u
"(Header:|->)" [0.0.0.0:0000] -> [206.13.28.11:0035] 31
Header: 0000 1+0+0+0, Q, , query, no_error
[206.13.28.11:0035] -> [0.0.0.0:0000] 157
Header: 0000 1+1+2+2, R, AUTH, query, no_error

[C:\]

Responses from 151.164.1.7 to here, however, have the
RA flag set to 1:

[C:\]dnsqry /serverip:151.164.1.7 soa sbcglobal.net. | grep /b/u
"(Header:|->)" [0.0.0.0:0000] -> [151.164.1.7:0035] 31
Header: 0000 1+0+0+0, Q, , query, no_error
[151.164.1.7:0035] -> [0.0.0.0:0000] 157
Header: 0000 1+1+2+2, R, RA|AUTH, query, no_error

[C:\]

Yes, Jonathan you are correct about that. But I was refering to SWBells DNS,
if you notice a couple of things about the SBCGlobal's NS record,
ns1.pbi.net (206.13.28.11) it belongs to Pacific Bell, which SW Bell aquired
sometime back to form SBC, not only does it not answer recursively, it also
does not have a delegation to the root. This means that not only does it not
answer non-authoritatively it won't refer you to the root for zones it
doesn't hold. So you certainly want to use it for anything accept as a place
to host a DNS domain zone.

My guess is that ns1.pbi.net is in California and I know for a fact that,
ns1 and ns2.swbell.net are in Texas

When I switched to SBC last year for my service I move my domains to their
DNS servers. I was requested to have ns1.swbell.net and ns2.swbell.net
listed as authoritative for the domains I moved. This was before I set up
DNS at my site because my old provider only gave me one IP address and they
charged me $6 a month for it. SBC gave me 5 IPs for $35 a month less than I
was paying. So it became a no brainer, I switched.

I know this sounds confusing but the point I'm making is if he is trying
to use their Authoritative DNS servers anywhere in his setup as either
forwarders or in his NIC setup, it is going to cause inconsistant DNS
resolution problems. We've seen this before, when people have tried to use
some ISP's Authoritative DNS servers, that they get behavior Dave is
experiencing. But we will never know that I guess, because Dave won't tell
us what he is using for DNS.

 

[Jonathan de Boyne Pollard]

KDGS> I guess this is one of those confusing things nslookup does
KDGS> that Jonathan is always ranting about.

Ranting ? Pah! I just explain that the daft error message that it produces
is the result of its bad design, describe what is actually happening, and
strongly encourage the use of one of the several widely available replacement
tools that do not have "nslookup"'s problem. That's not ranting. Ranting
involves violence, anger, or strong emotion, none of which are present in my
frequently given answer.

Moreover, it's far from just me alone that mentions this bad design, and that
encourages people to get out of the bad habit of using "nslookup". The same
thing has been said and the same encouragement made by _many_ people (for
quite a few years now), including Barry Margolin,

BM> The nslookup command sucks. Its error messages are
BM> either confusing or ambiguous [...] and it performs a
BM> reverse DNS check of the server's address that is not
BM> required by the protocol and causes lots of confusion.
BM> [...] consider using the "dig" or "host" programs
BM> instead, [...]

Paul Vixie,

PV> Nslookup is a bad command, for many reasons, and you
PV> should use "dig" for all command line DNS lookups
PV> unless you prefer "host" which is less general but
PV> more friendly.

Dan Bernstein,

DJB> Every server could add a PTR record to work around
DJB> this nslookup bug, but that creates unnecessary
DJB> administrative problems. It's easier to tell people
DJB> to stop using buggy [...] software.

and Kevin Darcy,

KD> This error is the result of nslookup's suckiness.
KD> [...] Use a real tool like dig [...]

just for starters. These and many other people all saying the same thing, in
just about every DNS discussion forum that there is, are what the Frequently
Given Answer is referring to when it briefly says

It has been widely acknowledged for several years that
["nslookup"] is a bad tool.

 

[Jonathan de Boyne Pollard]

KDGS> [...] not only does [206.13.28.11] not answer recursively, it
KDGS> also does not have a delegation to the root. This means that
KDGS> not only does it not answer non-authoritatively it won't refer
KDGS> you to the root for zones it doesn't hold.

This is not a cause of a problem, however. Because of the way that
securing against cache pollution works, upwards referrals such as
that have to be entirely discarded by a secure resolving proxy
DNS server anyway.

There's a belief held by a few, including the foolish "fr." registry,
that every content DNS server should provide one with delegation
information for "." if it is asked. (The foolish "fr." registry has
daft automated checks that it runs against all of the content DNS
servers for "fr." domains that needlessly query them for this
information amongst other things.) But this belief is false. A
DNS server that is only serving content has no need to publish
anything about "." if it is _not_ actually a "." content DNS
server in its own right.

Indeed, publishing such delegation information would trigger one
of the several bugs in the broken "dnstracer" utility. So
accommodating the brokenness of "dnstracer" is one (admittedly
poor) reason not to do so.

<URL:http://homepages.tesco.net./~J.deBo...rect-algorithm.html#OutOfBailiwickDelegations>

 

[Kevin D. Goodknecht Sr. [MVP]]

In

KDGS> I know this sounds confusing [...]

Not to me, it doesn't. But then I tell people not to do that too.
(-:

<URL:http://homepages.tesco.net./~J.deBoynePollard/FGA/dns-server-roles.html
#ContentDontTalkToClients>

What I didn't see was where you got the 151.164.1.7 address from,
since that's not one of the listed "sbcglobal.net." content DNS
servers. It's clear now, however, that it came from your own
dealings with SBC. (-:

Here's the deal Jonathan, swbell.net is in Texas, Oklahoma, Arkansas, and
Missiouri their name servers are geographically located for these states

swbell.net

Server: ns1.lonestaramerica.com
Address: 65.65.91.209

Non-authoritative answer:
swbell.net nameserver = ns1.swbell.net
swbell.net nameserver = ns2.swbell.net

ns1.swbell.net internet address = 151.164.1.1<non-recursive
ns2.swbell.net internet address = 151.164.1.7

Pacific Bell (pbi.net) is California and West coast their name servers are
geographcally located on the West coast

pbi.net

Server: ns1.lonestaramerica.com
Address: 65.65.91.209

Non-authoritative answer:
pbi.net nameserver = ns2.pbi.net
pbi.net nameserver = ns1.pbi.net

ns2.pbi.net internet address = 206.13.29.11
ns1.pbi.net internet address = 206.13.28.11<non-recursive


SBC is the Corp formed from the two Baby Bells above so it would seem likely
that they will have sbcglobal.net name servers for each geographcal location
But these two name servers will not recurse the internet name space they
have recursion disabled. Is it not believable that some one might try to use
one of these two name servers for DNS?

sbcglobal.net

Server: ns1.lonestaramerica.com
Address: 65.65.91.209

Non-authoritative answer:
sbcglobal.net nameserver = ns1.swbell.net
sbcglobal.net nameserver = ns1.pbi.net

ns1.swbell.net internet address = 151.164.1.1<non-recursive
ns1.pbi.net internet address = 206.13.28.11<non-recursive

 

[Kevin D. Goodknecht Sr. [MVP]]

In

KDGS> I guess this is one of those confusing things nslookup does
KDGS> that Jonathan is always ranting about.

Ranting ? Pah! I just explain that the daft error message that it
produces is the result of its bad design, describe what is actually
happening, and strongly encourage the use of one of the several
widely available replacement tools that do not have "nslookup"'s
problem. That's not ranting. Ranting involves violence, anger, or
strong emotion, none of which are present in my frequently given
answer.

Sounds like ranting to me, You left one out, "extravagantly" when you go on
and on about nslookup being a bad tool I think that is extravegant speaking.
Then, you paste a link to a page where you go on and on about it being a bad
tool for having this behavior, when all they are asking for is why they get
domain not found when it starts. You seem to put a lot of emphesis on the
original poster's question and intent. Why not just tell them what the error
means and why they are getting it and let it go at that?
You won't even give a hint as to what to do to stop it.

So what if nslookup does a reverse lookup on the IP of the server it is
looking at. I don't think that makes it a bad tool, that is what nslookup is
supposed to do. So maybe dig doesn't do that, that doesn't make it superior.
Maybe dig is superior, but is it superior just because dig doesn't perform
that reverse lookup?
Whether nslookup performs the reverse lookup or not, I think has no bearing
on its performance.
Nslookup gives pretty much the same answer and in my humble oppinion it is
much easier to use, especially if you are doing multiple lookups. With my
hunt and peck style I would be all day making multiple lookups with dig.
Unless I am using the wrong command why should I have to type dig
@192.168.0.3 then the domain name just to do simple queries?

I just don't think that nslookup's behavior for looking up the name of the
server's IP it is looking has anything to do with it being inferior to dig.
It still gets the job done I have both dig and nslookup I use nslookup just
for its simplicity.