> >My only possible explanation to offer is that perhaps the servers are > >giving inconsistent results, and Linux is behaving inconsistently with > >regards to search-vs.-qualified and/or ping-vs.-nslookup. > > Okay, all cards on the table; the servers being inconsistent wouldn't > surprise me, and I kinda had that suspicion all along (given what I've > seen about these servers). Here's something else to try. Pick the DNS lookup that fails, and run tcpdump (in another terminal, as root) on DNS traffic: tcpdump port 53 -n Then do your ping (or other command) and watch it fail. In the tcpdump output, you should see something like this for a good lookup (edited for clarity): hh:mm:ss.us IP your-ip.33705 > dns-server.53: 18380+ A? targ (32) hh:mm:ss.us IP dns-server.53 > your-ip.33705: 18380* 1/2/2 A targ-ip (136) ^^^^^^^^^^^ ^^^^^^^^^^^^^ ^^^^^^^^^^^^^ ^^^^^^^ (time) (source) (dest) (lookup target) Here's a bad lookup: hh:mm:ss.us IP your-ip.33705 > dns-server.53: 2078+ A? badtarg (32) hh:mm:ss.us IP dns-server.53 > your-ip.33705: 2078 NXDomain* 0/1/0 (83) ^^^^^^^^^^^ ^^^^^^^^^^^^^ ^^^^^^^^^^^^^ ^^^^^^^^ (time) (source) (dest) (domain not found) What you should also see is the 'search' list being tried as well. For example, if 'search' is 'foo.org bar.com baz.net', you'll see it try this for a bad fully-qualified address 'nonexistant.example.com': nonexistant.example.com nonexistant.example.com.foo.org nonexistant.example.com.bar.com nonexistant.example.com.baz.net All of which will (presumably) fail, but at least you see which names your client is trying and which names the server is rejecting, along with what error it's rejecting it with. (If the error is anything other than NXDomain, it's probably a DNS server error.)
Attachment:
signature.asc
Description: Digital signature