[dns-operations] Odd resolver/cache behavior or normal operation?

Mohamed Lrhazi ml623 at georgetown.edu
Mon Aug 26 14:27:41 UTC 2013


We had a mail outage which was caused by one of our three recursive caching
DNS servers answering a query as seen below.

What could explain the fact that this record had zero answers? And why
would the cache server, apparently, cache this answer for over 10 hours
(until I manually cleared the cache)? A user reported that the cache server
was returning AAAA records, but no IPv4, though we don't have an example of
such a query/response saved. I guess the fact that the server had an AAAA record
would explain why the below response is a NOERROR?

➜  ~  dig imap.gmail.com @

; <<>> DiG 9.9.2-P1 <<>> imap.gmail.com @
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34151
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 5

; EDNS: version: 0, flags:; udp: 4096
;imap.gmail.com. IN A

gmail.com. 94747 IN NS ns3.google.com.
gmail.com. 94747 IN NS ns2.google.com.
gmail.com. 94747 IN NS ns4.google.com.
gmail.com. 94747 IN NS ns1.google.com.

ns2.google.com. 269064 IN A
ns1.google.com. 269064 IN A
ns3.google.com. 269064 IN A
ns4.google.com. 269064 IN A

;; Query time: 56 msec
;; WHEN: Sat Aug 24 16:21:17 2013
;; MSG SIZE  rcvd: 186

Thanks a lot,
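
Added example, not part of the original post: a Python check that classifies saved dig output the way RFC 2308 separates a cacheable NODATA reply (SOA in the authority section) from the referral-shaped reply quoted above (NS records, no SOA). The function name classify and the example.com sample are assumptions made for illustration; POST_REPLY is copied from the post.

```python
import re

# Copied from the post (the resolver address and A rdata are absent there too).
POST_REPLY = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34151
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 5
;imap.gmail.com. IN A
gmail.com. 94747 IN NS ns3.google.com.
gmail.com. 94747 IN NS ns2.google.com.
gmail.com. 94747 IN NS ns4.google.com.
gmail.com. 94747 IN NS ns1.google.com.
ns2.google.com. 269064 IN A
ns1.google.com. 269064 IN A
ns3.google.com. 269064 IN A
ns4.google.com. 269064 IN A
"""

# Constructed sample of a well-formed NODATA reply (all values are made up).
NODATA_REPLY = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;www.example.com. IN AAAA
example.com. 900 IN SOA ns.example.com. hostmaster.example.com. 1 7200 900 1209600 300
"""

HEADER = re.compile(r"status: (\w+),.*?ANSWER: (\d+)", re.S)
RR = re.compile(r"^([^;\s]\S*)[ \t]+(\d+)[ \t]+IN[ \t]+(\S+)[ \t]*(.*)$", re.M)

def classify(dig_text):
    """Return (kind, negative_ttl) for one saved dig reply."""
    m = HEADER.search(dig_text)
    if m is None:
        raise ValueError("no dig header found")
    status, answers = m.group(1), int(m.group(2))
    if status != "NOERROR" or answers:
        return ("answer" if status == "NOERROR" else status.lower()), None
    rrs = RR.findall(dig_text)
    soa = [rr for rr in rrs if rr[2] == "SOA"]
    if soa:
        # RFC 2308: negative answers live no longer than min(SOA TTL, MINIMUM).
        _, ttl, _, rdata = soa[0]
        return "nodata", min(int(ttl), int(rdata.split()[-1]))
    if any(rr[2] == "NS" for rr in rrs):
        # NS but no SOA is referral-shaped; RFC 2308 section 5 says negative
        # responses without an SOA should not be cached.
        return "referral-shaped", None
    return "nodata-no-authority", None
```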
