-   Linux - Server (
-   -   recursive DNS not resolving, but most others OK. (

technodweeb 02-04-2011 09:29 AM

recursive DNS not resolving, but most others OK.
The issue is my local recursive DNS servers will not resolve some domain names. In particular, They will resolve most other .gov sites with no issue. During my investigation I tried using some open DNS sites. Most will resolve the query, but some of those have the same issue I have, no servers could be reached. I have gone through Red Hat support and they could find no issues with my configuration. I then used to look up information on the domain in question. I can do a query against the listed nameservers and get a proper reply, however I can not get a reply from the primary nameserver. My question is in 2 parts. 1, is this my issue or theirs? And 2, is there a way for me to correct the issue? I have tried to contact but got no response. Below is some details I got during testing. I believe what is happening is the primary is listed on the root servers for a place to get a reply. in my case it has the shortest RTT, so my servers try going there. The connection times out and so I can not get it to resolve. Any thoughts and ideas welcome. info;

nameservers [] [TTL=86400] [] [TTL=86400] [] [TTL=86400]

Primary nameserver: []
Hostmaster E-mail address:
Serial #: 2011020105
Refresh: 10800
Retry: 3600
Expire: 604800
Default TTL: 86400

WARNING: Your SOA (Start of Authority) record states that your master (primary) name server is:

However, that server is not listed at the parent servers as one of your NS records! This is legal, but you should be sure

that you know what you are doing.

info direct from cli on servers;

# named -v
BIND 9.3.6-P1-RedHat-9.3.6-16.P1.el5

$ nslookup (same response on local recursive servers)
;; connection timed out; no servers could be reached

Some open dns servers also time out while others will resolve.

bathory 02-04-2011 01:14 PM



1, is this my issue or theirs?
It's them. They have decleare as authoritative in the domain's SOA, while this nameserver is not responding.


2, is there a way for me to correct the issue?
Try to contact them again.
You can also try to change the resolver in /etc/named.conf and use some other that can resolve the domain(s) in question. FYI both opendns and google dns can successfully resolve the domain.


technodweeb 02-07-2011 10:57 AM

Thanks for taking the time to check it out. I am glad it is them and not me!
Thanks again.

All times are GMT -5. The time now is 12:35 AM.