DNS-BIND, got "BAD (HORIZONTAL) REFERRAL" error
hi all, my website is www.faisco.com, and work fine several days
but one of my new client said that they can't resolve my domain, meanwhile they can resolve other web site without any problem. i run 'dig' on their machine, this is the result: ; <<>> DiG 9.4.0 <<>> www.faisco.com +trace ;; global options: printcmd . 3600 IN NS m.root-servers.net. . 3600 IN NS l.root-servers.net. . 3600 IN NS k.root-servers.net. . 3600 IN NS j.root-servers.net. . 3600 IN NS i.root-servers.net. . 3600 IN NS h.root-servers.net. . 3600 IN NS g.root-servers.net. . 3600 IN NS f.root-servers.net. . 3600 IN NS e.root-servers.net. . 3600 IN NS d.root-servers.net. . 3600 IN NS c.root-servers.net. . 3600 IN NS b.root-servers.net. . 3600 IN NS a.root-servers.net. ;; Received 417 bytes from 192.168.0.10#53(192.168.0.10) in 0 ms com. 165333 IN NS g.gtld-servers.net. com. 165333 IN NS h.gtld-servers.net. com. 165333 IN NS i.gtld-servers.net. com. 165333 IN NS j.gtld-servers.net. com. 165333 IN NS k.gtld-servers.net. com. 165333 IN NS l.gtld-servers.net. com. 165333 IN NS m.gtld-servers.net. com. 165333 IN NS a.gtld-servers.net. com. 165333 IN NS b.gtld-servers.net. com. 165333 IN NS c.gtld-servers.net. com. 165333 IN NS d.gtld-servers.net. com. 165333 IN NS e.gtld-servers.net. com. 165333 IN NS f.gtld-servers.net. ;; Received 464 bytes from 192.203.230.10#53(e.root-servers.net) in 284 ms com. 165333 IN NS g.gtld-servers.net. com. 165333 IN NS h.gtld-servers.net. com. 165333 IN NS i.gtld-servers.net. com. 165333 IN NS j.gtld-servers.net. com. 165333 IN NS k.gtld-servers.net. com. 165333 IN NS l.gtld-servers.net. com. 165333 IN NS m.gtld-servers.net. com. 165333 IN NS a.gtld-servers.net. com. 165333 IN NS b.gtld-servers.net. com. 165333 IN NS c.gtld-servers.net. com. 165333 IN NS d.gtld-servers.net. com. 165333 IN NS e.gtld-servers.net. com. 165333 IN NS f.gtld-servers.net. ;; BAD (HORIZONTAL) REFERRAL ;; Received 464 bytes from 192.41.162.30#53(l.gtld-servers.net) in 383 ms com. 165333 IN NS g.gtld-servers.net. com. 165333 IN NS h.gtld-servers.net. com. 165333 IN NS i.gtld-servers.net. com. 165333 IN NS j.gtld-servers.net. com. 165333 IN NS k.gtld-servers.net. com. 165333 IN NS l.gtld-servers.net. com. 165333 IN NS m.gtld-servers.net. com. 165333 IN NS a.gtld-servers.net. com. 165333 IN NS b.gtld-servers.net. com. 165333 IN NS c.gtld-servers.net. com. 165333 IN NS d.gtld-servers.net. com. 165333 IN NS e.gtld-servers.net. com. 165333 IN NS f.gtld-servers.net. ;; BAD (HORIZONTAL) REFERRAL ;; Received 464 bytes from 192.26.92.30#53(c.gtld-servers.net) in 329 ms com. 165333 IN NS g.gtld-servers.net. com. 165333 IN NS h.gtld-servers.net. com. 165333 IN NS i.gtld-servers.net. com. 165333 IN NS j.gtld-servers.net. com. 165333 IN NS k.gtld-servers.net. com. 165333 IN NS l.gtld-servers.net. com. 165333 IN NS m.gtld-servers.net. com. 165333 IN NS a.gtld-servers.net. com. 165333 IN NS b.gtld-servers.net. com. 165333 IN NS c.gtld-servers.net. com. 165333 IN NS d.gtld-servers.net. com. 165333 IN NS e.gtld-servers.net. com. 165333 IN NS f.gtld-servers.net. ;; BAD (HORIZONTAL) REFERRAL ;; Received 464 bytes from 192.5.6.30#53(a.gtld-servers.net) in 466 ms com. 165333 IN NS g.gtld-servers.net. com. 165333 IN NS h.gtld-servers.net. com. 165333 IN NS i.gtld-servers.net. com. 165333 IN NS j.gtld-servers.net. com. 165333 IN NS k.gtld-servers.net. com. 165333 IN NS l.gtld-servers.net. com. 165333 IN NS m.gtld-servers.net. com. 165333 IN NS a.gtld-servers.net. com. 165333 IN NS b.gtld-servers.net. com. 165333 IN NS c.gtld-servers.net. com. 165333 IN NS d.gtld-servers.net. com. 165333 IN NS e.gtld-servers.net. com. 165333 IN NS f.gtld-servers.net. ;; BAD (HORIZONTAL) REFERRAL ;; Received 464 bytes from 192.12.94.30#53(e.gtld-servers.net) in 383 ms lots of 'BAD (HORIZONTAL) REFERRAL'??? and the correct result should be like this: ; <<>> DiG 9.4.0 <<>> www.faisco.com +trace ;; global options: printcmd . 43757 IN NS a.root-servers.net. . 43757 IN NS b.root-servers.net. . 43757 IN NS c.root-servers.net. . 43757 IN NS d.root-servers.net. . 43757 IN NS e.root-servers.net. . 43757 IN NS f.root-servers.net. . 43757 IN NS g.root-servers.net. . 43757 IN NS h.root-servers.net. . 43757 IN NS i.root-servers.net. . 43757 IN NS j.root-servers.net. . 43757 IN NS k.root-servers.net. . 43757 IN NS l.root-servers.net. . 43757 IN NS m.root-servers.net. ;; Received 228 bytes from 192.168.1.254#53(192.168.1.254) in 156 ms com. 172800 IN NS g.gtld-servers.net. com. 172800 IN NS l.gtld-servers.net. com. 172800 IN NS k.gtld-servers.net. com. 172800 IN NS f.gtld-servers.net. com. 172800 IN NS d.gtld-servers.net. com. 172800 IN NS c.gtld-servers.net. com. 172800 IN NS a.gtld-servers.net. com. 172800 IN NS e.gtld-servers.net. com. 172800 IN NS h.gtld-servers.net. com. 172800 IN NS j.gtld-servers.net. com. 172800 IN NS i.gtld-servers.net. com. 172800 IN NS m.gtld-servers.net. com. 172800 IN NS b.gtld-servers.net. ;; Received 504 bytes from 192.203.230.10#53(e.root-servers.net) in 531 ms faisco.com. 172800 IN NS dns1.faisco.cn. faisco.com. 172800 IN NS dns2.faisco.cn. ;; Received 79 bytes from 192.12.94.30#53(e.gtld-servers.net) in 343 ms www.faisco.com. 86400 IN CNAME serv01.faisco.com. serv01.faisco.com. 86400 IN A 119.120.92.213 faisco.com. 86400 IN NS dns1.faisco.cn. faisco.com. 86400 IN NS dns2.faisco.cn. ;; Received 116 bytes from 58.255.252.149#53(dns2.faisco.cn) in 203 ms can any one help ? thanks! |
Hi,
Looks like the name server running on 192.168.0.10 is badly configured, or there is a networking (router/firewall?) problem. Does the following works? Code:
dig www.faisco.com +trace +tcp |
hi,bathory
here is the result: ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> www.faisco.com +trace +tcp ;; global options: printcmd ;; connection timed out; no servers could be reached but the server ( which can resolve the domain correctly ) also got the same result by the way, the client ( which use 192.168.0.10 as its name server) can resolve other domain without any problem, like www.google.com, www.facebook.com, www.amazone.com, www.linuxquestions.org.... |
Huh? When you use tcp you cannot contact the server?
Then I guess port 53/tcp is closed by a firewall running on the name server in question. Can you telnet that server on port 53? |
yes, all client can telnet the server on port 53, but results of dig +tcp all the same:
here is the result: ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> www.faisco.com +trace +tcp ;; global options: printcmd ;; connection timed out; no servers could be reached |
Quote:
|
yes, i don't think there is any problem with the host, but what puzzles me is that the client can resolve all other websites except my website, so strange...
|
You can tell your client to change the 1st nameserver in /etc/resolv.conf and use google (8.8.8.8.8) or opendns (208.67.222.222)
Cheers |
All times are GMT -5. The time now is 05:37 PM. |