Maintained by: NLnet Labs

[Unbound-users] Cannot resolve www.noaa.gov. Anybody else, too?

saturas81 at vfemail.net
Thu Jul 12 10:35:13 CEST 2012


Hallo,

I have problems to resolve some names with unbound 1.4.7 (ldns 1.6.13)
on Debian lenny. My old running maradns or asking the Google DNS runs
fine. For example the webserver of NOAA:

============================================================
Ask my fresh started unbound (alias ip on ethX)...

!root at urknall:/opt/unbound# dig +nodnssec gov. @192.168.0.16

; <<>> DiG 9.6-ESV-R4 <<>> +nodnssec gov. @192.168.0.16
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13554
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;gov.				IN	A

;; AUTHORITY SECTION:
gov.			86400	IN	SOA	a.usadotgov.net. nstld.verisign-grs.com. 1340643602
3600 900 1814400 86400

;; Query time: 653 msec
;; SERVER: 192.168.0.16#53(192.168.0.16)
;; WHEN: Mon Jun 25 21:08:56 2012
;; MSG SIZE  rcvd: 94

!root at urknall:/opt/unbound# dig +nodnssec noaa.gov. @192.168.0.16

; <<>> DiG 9.6-ESV-R4 <<>> +nodnssec noaa.gov. @192.168.0.16
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33920
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 3, ADDITIONAL: 0

;; QUESTION SECTION:
;noaa.gov.			IN	A

;; ANSWER SECTION:
noaa.gov.		86400	IN	A	140.90.200.21
noaa.gov.		86400	IN	A	140.172.17.21
noaa.gov.		86400	IN	A	129.15.96.21

;; AUTHORITY SECTION:
noaa.gov.		86400	IN	NS	ns-e.noaa.gov.
noaa.gov.		86400	IN	NS	ns-nw.noaa.gov.
noaa.gov.		86400	IN	NS	ns-mw.noaa.gov.

;; Query time: 1562 msec
;; SERVER: 192.168.0.16#53(192.168.0.16)
;; WHEN: Mon Jun 25 21:09:03 2012
;; MSG SIZE  rcvd: 133

!root at urknall:/opt/unbound# dig +nodnssec www.noaa.gov. @192.168.0.16

; <<>> DiG 9.6-ESV-R4 <<>> +nodnssec www.noaa.gov. @192.168.0.16
;; global options: +cmd
;; connection timed out; no servers could be reached

============================================================
Well, just ask uncle G... (NOAA uses load balancing?)

!root at urknall:/opt/unbound/lib# dig +nodnssec www.noaa.gov. @8.8.8.8

; <<>> DiG 9.6-ESV-R4 <<>> +nodnssec www.noaa.gov. @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50048
;; flags: qr rd ra; QUERY: 1, ANSWER: 12, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.noaa.gov.			IN	A

;; ANSWER SECTION:
www.noaa.gov.		300	IN	CNAME	edge-hdq.woc.noaa.gov.
edge-hdq.woc.noaa.gov.	300	IN	CNAME	edge-p1.l.noaa.gov.
edge-p1.l.noaa.gov.	30	IN	A	140.90.33.11
edge-p1.l.noaa.gov.	30	IN	A	140.90.33.21
edge-p1.l.noaa.gov.	30	IN	A	140.90.200.11
edge-p1.l.noaa.gov.	30	IN	A	140.90.200.21
edge-p1.l.noaa.gov.	30	IN	A	140.172.17.11
edge-p1.l.noaa.gov.	30	IN	A	140.172.17.21
edge-p1.l.noaa.gov.	30	IN	A	216.38.80.71
edge-p1.l.noaa.gov.	30	IN	A	216.38.80.81
edge-p1.l.noaa.gov.	30	IN	A	129.15.96.11
edge-p1.l.noaa.gov.	30	IN	A	129.15.96.21

;; Query time: 229 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Jun 25 21:21:25 2012
;; MSG SIZE  rcvd: 241

============================================================
And local maradns... (picks one A and changes TTL)

; <<>> DiG 9.6-ESV-R4 <<>> +nodnssec www.noaa.gov. @192.168.0.15
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56357
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.noaa.gov.			IN	A

;; ANSWER SECTION:
www.noaa.gov.		900	IN	CNAME	edge-hdq.woc.noaa.gov.
edge-hdq.woc.noaa.gov.	900	IN	A	140.90.200.11

;; Query time: 476 msec
;; SERVER: 192.168.0.15#53(192.168.0.15)
;; WHEN: Mon Jun 25 21:09:50 2012
;; MSG SIZE  rcvd: 73

============================================================

Can anyone reproduce this? I haven´t deliberately attached debug logs so
far. Maybe unbound has nothing to do with it.


Regards,
saturas

-------------------------------------------------
This message sent via VFEmail.net
http://www.vfemail.net
$14.95 Lifetime accounts!  15GB disk!  
Commercial Mail Options!   No bandwidth quotas!