Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

No A records for domain but web site is working 1

Status
Not open for further replies.
nikaudio

nikaudio

Technical User
Feb 26, 2008
13
Hello,
I was setting a domain on apache: aukcje.zep.com.pl
and have noticed that there is no A record for that domain:

;aukcje.zep.com.pl. IN A
but ping would resolve it to IP address:
[root@topaz conf]# ping aukcje.zep.com.pl
64 bytes from iqlogic.pl (91.121.75.49): icmp_seq=1 ttl=54 time=46.1 ms

I can access web site htp://aukcje.zep.com.pl, how it is being resolved to IP if any of the DNS querring tools is not returning any answer (IP)? I have never seem anything like this. I would appreciate if somebody could explain it to me.

Regards
Slawek
 
Sort by date Sort by votes
I don't get DNS resolution on that.

What client you using?

1) Local hosts setting.
2) Do you "shadow" DNS (internal / external)
3) if using windows, possible it comes from AD?

eugene
 
Upvote 0 Downvote
I'm using linux box with FC5.
I do not get resolution on DIG 9.3.4 there is not A record.

But I can ping host, actually I can ping any host, it does not have any sense.

[root@topaz etc]# ping whatever.domain.com
PING orlowscy.com (91.121.75.49) 56(84) bytes of data.
64 bytes from iqlogic.pl (91.121.75.49): icmp_seq=1 ttl=54 time=47.6 ms

I'm getting answer from my domain (orlowscy.com)
So basically when I'm pinging not existing domain ping is pinging my domain. Curious behavior which I do not understand.
I do not have split DNS. I do not run dns server (bind) on that machine at all. In my resolve.conf there are only two IP of DNS servers provided by my DSL provider.

/etc/hosts
127.0.0.1 topaz.orlowscy.com topaz localhost.localdomain localhos
t
Regards
Slawek
 
Upvote 0 Downvote
Sounds like a wildcard A record. Wildcards are usually used for routing all domain email to a host like

* IN MX 10 mailgateway.mydomain.com.

So mail to whatever.mydomain.com gets routed to the mailgateway machine (without having to have individual MX records for each machine).

While valid this is possible:

* IN A 91.121.75.49

So even unconfigured names all resolve to the an IP. Probably useful when you are hosting lots of virtual hosts and don't want to update the DNS for every host.

eugene
 
Upvote 0 Downvote
Thank you for the replay.

In my provider DNS I have only set up :
orlowscy.com A 3600 91.121.75.49
orlowscy.com MX 3600 10 mail.orlowscy.com
*.orlowscy.com CNAME 3600 orlowscy.com

SO there is wildcard but only for hosts belonging for that domains.
And DIG does not resolve anything but hosts from that domain to 91.121.75.49. All other world hosts are resolved to their proper IP's or to nothing if not set up.

It is only ping and web pages in my Firefox that behave bizarre.
IMHO above DNS settings do not justify such behavior.
So how ping and http (is getting instruction to resolve an unknown pages to my IP) I do not understand. Does not seem like he is getting it from the some source like DIG command.
 
Upvote 0 Downvote
First, you don't have periods on all FQDN entries.

Second, the reason it is doing this is because of search pathing. If you ping something that exists, it will work.
I think if you use dig or nslookup in debug mode, you will see that you enter:

doesnotexist.mydomain.com.

But that does not exist, but the search path will eventually tack on the orlowscy.com, to make
doesnotexist.mydomain.com.orlowscy.com

and this does exist, mainly
orlowscy.com.

That is why wildcards (except in MX records) are kind of not used much.

eugene
 
Upvote 0 Downvote
Reviewing your records, I am only familiar with BIND format. Perhaps your tool is adding the missing dots.

Generally, there is a default domain for each file, and yours is orlowscy.com.

You have:
orlowscy.com A 3600 91.121.75.49
orlowscy.com MX 3600 10 mail.orlowscy.com
*.orlowscy.com CNAME 3600 orlowscy.com

In Bind, the domain is implied so it should be:

(SOA/NS records here)
IN A 3600 91.121.75.49
IN MX 3600 10 mail.orlowscy.com.
* IN CNAME 3600 orlowscy.com.

So without the dots, mail.orlowscy.com would be
mail.orlowscy.com.orlowscy.com.

Perhaps the wildcard is fooling you to thinking it is working correctly? Add a single entry like:

test IN A 91.121.75.50
and see if you can resolve it.

eugene
 
Upvote 0 Downvote
I just added record
test IN A 91.121.75.50
and it is resolving as it should.


 
Upvote 0 Downvote
Did you add it just as:
test IN A 91.121.75.50
or as
test.orlowscy.com IN A 91.121.75.50
like your other records?
 
Upvote 0 Downvote
I add it as
test.orlowscy.com
A
91.121.75.50
(it is GUI interface, provider does not let me mess directly with zone files).
this time I did
test2
A
91.121.75.51

and it resolves as I would have added test2.orlowscy.com
 
Upvote 0 Downvote
Okay, so the GUI is "fixing" the trailing dot. Good.

Do you need the wildcard CNAME? The only situation I can think of is if you are virtual hosting lots of web sites.

As a server for your domain, it would be okay to have the CNAME wildcard. But for you to use it as a queryable DNS server for your clients, it would not work well.

Any client pointing to that DNS server will resolve unknown names to that IP, like web calls, mail routes, ftp, etc.
 
Upvote 0 Downvote
Yes I have a lot of virtual hosts on that domain so I "need" wildcard CNAME.
But for the sake of experiment, I have added all several CNAME's by hand and have removed wildcard CNAME.
Interesting enough I could not ping any more no existing hosts on the internet.

Now when dig cannot resolve it I cannot ping it. As it should be.

Still I do not understand why with
*.orlowscy.com CNAME orlowscy.com
dig would not resolve as it should gibberish_host.gibberish_domain.com to A record
but I could ping it, and orlowscy.com would answer.
DNS server in my resolver.conf are different then the once I setting up my CNAME records.
Regards thank for you patience and eagerness to help.
 
Upvote 0 Downvote
I guess it doesn't matter about which server you use, as long as orlowscy.com is in your search path.

Think about unqualified names. There is nothing to say that is fully qualified. Suppose I subdomain by location. If i ping and my search path is orlowscy.com it should return just as will return and hit your wildcard CNAME.

In other words, the non existence of does not mean it doesn't exist, it just triggers the resolver to use the search path.

There are resolver options to suppress (using the number of dots) the initial query for but I don't think there is a way to supress the search pathing easily because that is the way it works!

eugene
 
Upvote 0 Downvote
by search path you mean:
there is "search orlowscy.com" in /etc/resolve.conf ?
I did remove "search orlowscy.com" from resolve.conf file and restarted networking.

After adding *.orlowscy.com CNAME orlowscy.com to provider DNS,
I can
[root@topaz sorlowski]# ping no_existing_domain.com
PING orlowscy.com (91.121.75.49) 56(84) bytes of data.
64 bytes from iqlogic.pl (91.121.75.49): icmp_seq=1 ttl=55 time=155 ms
64 bytes from iqlogic.pl (91.121.75.49): icmp_seq=2 ttl=55 time=177 ms

but
[root@topaz sorlowski]# ping no_existing_domain.com.
ping: unknown host no_existing_domain.com.

So you are RIGHT orlowscy.com is being added and because of wildcard CNAME it is being resolved.
Adding . after domain is stopping it.

Should not removing search orlowscy.com from resolver disable it ?

Or maybe
# service restart network
is not enough and I have to restart whole server ?
 
Upvote 0 Downvote
Yes, removing it from your clients search path is the answer. But you would need to do that for all your clients and DHCP configuration. I don't know how small/big your site might be.

And you lose the convenience of unqualified names for those clients.

eugene
 
Upvote 0 Downvote
I restarted server at night. There is no search frase in my resolver. And I still can ping no_existing_domain.com
Where eles should I look for it ?
I cannot ping no_existing_domain.com from XP clients connected to the server though.
 
Upvote 0 Downvote
If there is no "search" in /etc/resolv.conf, I would suspect your hostname is fully qualified.

I believe the resolver will (by default) try the domains that are part of your hostname if "search" does not exist in /etc/resolv.conf.

eugene
 
Upvote 0 Downvote
It seems that it is indeed default behavior of resolver but not only.
When I type whatever_no_existing_domain.com in IE/Firefox on XP client connected to that server I will get default orlowscy.com web site.
Is there any way to disable such behavior different then removing
*.orlowscy.com CNAME 3600 orlowscy.com
from DNS ?
 
Upvote 0 Downvote
Since it only your clients that are affected, you could run a split DNS space, in which only your outside DNS had the wildcard.
eugene
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

A
  • Locked
  • Question
caller id not sending during transfer call
Replies
0
Views
3K
aperolina72
A
tbright
  • Locked
  • Question
DNS reverse lookup errors: zone 1.168.192.in-addr.arpa/IN: has no NS records
Replies
1
Views
12K
tbright
tbright
KenMeans
  • Locked
  • Question
DNS Issues with wireless router behind Atlantic Broad band Business Modem
Replies
0
Views
10K
KenMeans
KenMeans
Nick Ellson
  • Locked
  • Question
Bind9 with RPZ and local forwarding zones?
Replies
1
Views
11K
Nick Ellson
Nick Ellson
Richard Carter
  • Locked
  • Question
Set up BIND on DNS server for local home server
Replies
0
Views
10K
Richard Carter
Richard Carter

Part and Inventory Search

Sponsor

Back
Top