[OpenAFS] Re: what is "status: 11862790" (Tiger, rc8)

Russ Allbery rra@stanford.edu
Tue, 28 Feb 2006 11:48:52 -0800 

Adam Megacz <megacz@cs.berkeley.edu> writes:

> Well, there's only one level of indirection (AFSDB->CNAME->A).  Also,
> the AFSDB->CNAME question was raised here and it seems like it's
> permissible:

>   https://www.openafs.org/pipermail/openafs-info/2005-December/020609.html

> Also, I should add, this problem only occurs sporadically -- most of
> the time it works.  It's just every once in a while I get this weird
> error.  But when it happens it's rather stubborn (sometimes even
> reboots don't change things).

Maybe I'm missing something, but this looks really strange:

;; QUESTION SECTION:
;research.cs.berkeley.edu.      IN      ANY

;; ANSWER SECTION:
research.cs.berkeley.edu. 86371 IN      AFSDB   1 afs.research.CS.Berkeley.EDU.

;; AUTHORITY SECTION:
CS.Berkeley.EDU.        7327    IN      NS      ns.CS.Berkeley.EDU.
CS.Berkeley.EDU.        7327    IN      NS      ns.EECS.Berkeley.EDU.
CS.Berkeley.EDU.        7327    IN      NS      cgl.UCSF.EDU.
CS.Berkeley.EDU.        7327    IN      NS      adns1.Berkeley.EDU.
CS.Berkeley.EDU.        7327    IN      NS      adns2.Berkeley.EDU.
CS.Berkeley.EDU.        7327    IN      NS      vangogh.CS.Berkeley.EDU.


;; QUESTION SECTION:
;afs.research.cs.berkeley.edu.  IN      ANY

;; ANSWER SECTION:
afs.research.cs.berkeley.edu. 86382 IN  CNAME   research.cs.berkeley.edu.

;; AUTHORITY SECTION:
cs.berkeley.edu.        7319    IN      NS      vangogh.cs.berkeley.edu.
cs.berkeley.edu.        7319    IN      NS      ns.cs.berkeley.edu.
cs.berkeley.edu.        7319    IN      NS      ns.EECS.berkeley.edu.
cs.berkeley.edu.        7319    IN      NS      cgl.UCSF.edu.
cs.berkeley.edu.        7319    IN      NS      adns1.berkeley.edu.
cs.berkeley.edu.        7319    IN      NS      adns2.berkeley.edu.


That seems to say that you have an AFSDB record for
research.cs.berkeley.edu pointing to afs.research.cs.berkeley.edu, which
is a CNAME for research.cs.berkeley.edu, which has no records other than
the AFSDB record.  This is against our local caching BIND server.

However, when I do that query directly against the listed NS servers, I
get the right results (an additional A and MX record for
research.cs.berkeley.edu).

It's smelling like you have a lame DNS server somewhere, or a lack of
glue, or some other DNS problem that's causing intermittant failures.

-- 
Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>