Linode Forum

[saman007uk]

Hi guys,

Since yesterday, all invalid domains names seem to suddenly resolve to the server hostname. For example, consider "3321esddasd223a.com" - which does not exist.

Dig confirms that it doesn't exist: Code: ; <<>> DiG 9.5.1-P3 <<>> 3321esddasd223a.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56761
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;3321esddasd223a.com.           IN      A

;; AUTHORITY SECTION:
com.                    898     IN      SOA     a.gtld-servers.net. nstld.verisign-grs.com. 1251465248 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 207.192.69.4#53(207.192.69.4)
;; WHEN: Fri Aug 28 14:14:20 2009
;; MSG SIZE  rcvd: 110


Yet, when I try to ping it just resoles to the server hostname:
Code: root@server:~# ping 3321esddasd223a.com
PING 3321esddasd223a.com.saman-gh.co.uk (97.107.132.48) 56(84) bytes of data.
64 bytes from server.saman-gh.co.uk (97.107.132.48): icmp_seq=1 ttl=64 time=0.037 ms
64 bytes from server.saman-gh.co.uk (97.107.132.48): icmp_seq=2 ttl=64 time=0.058 ms
64 bytes from server.saman-gh.co.uk (97.107.132.48): icmp_seq=3 ttl=64 time=0.053 ms
64 bytes from server.saman-gh.co.uk (97.107.132.48): icmp_seq=4 ttl=64 time=0.060 ms
64 bytes from server.saman-gh.co.uk (97.107.132.48): icmp_seq=5 ttl=64 time=0.061 ms


I don't have a name server installed, and the contents of /etc/resolv.conf and /etc/hosts look fine. Any ideas?!

[Alucard]

Post /etc/hosts ?

[jsr]

Take a look at your ping command, it is not resolving 3321esddasd223a.com, it is translating it to 3321esddasd223a.com.saman-gh.co.uk.

I'm guessing you have your resolv.conf setup with a domain of "saman-gh.co.uk". I can see that you have a wildcard DNS for *.saman-gh.co.uk. So your server is checking <anything>.saman-gh.co.uk for a result and since that is a wildcard, it finds it.

[mwalling]

You have a search line in your resolv.conf

[saman007uk]

Thanks for the replies,

jsr wrote: I'm guessing you have your resolv.conf setup with a domain of "saman-gh.co.uk". I can see that you have a wildcard DNS for *.saman-gh.co.uk. So your server is checking <anything>.saman-gh.co.uk for a result and since that is a wildcard, it finds it.

unfortunately, nope:
Code: root@server:~# cat /etc/resolv.conf
nameserver 207.192.69.4
nameserver 207.192.69.5


/etc/hosts: Code: 127.0.0.1 localhost
97.107.132.48 server.saman-gh.co.uk
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts


keep the suggestions coming ....

[jsr]

From the resolv.conf man page:

Code: If no domain entry is present, the domain is determined from the local host name returned by gethostname(); the domain part is taken to be everything after the first '.'. Finally, if the host name does not contain a domain part, the root domain is assumed.


So your server is most likely setting a default search domain of "saman-gh.co.uk" even if you aren't specifying it.

One of the easy fixes would be to just get rid of the wildcard DNS, if you are not using it. You could also make your hostname "server" instead of "server.saman-gh.co.uk".

[saman007uk]

Ah, many thanks for the explanation.