whois is failing with 'unknown host internic.net'
Customer is running 3.2.4 and can no longer get whois or name
resolution to work correctly. The master server for DNS was recently
decommisioned and the service moved to the secondary server. whois is
uncommented in the /etc/services file. Why is whois ( and also name
serving in general ) not working?
InfoExplorer documents that the whois command "searches a user name
directory and displays information about the user ID or nickname
specified in the Name parameter. The whois command tries to reach ARPANET
host sri-nic.arpa where it examines a user-name database to
obtain information. The whois command should be used only by users
on ARPANET. Refer to RFC 812 for more complete information and
recent changes to the whois command".
RFC 812 has been updated by RFC 954. RFC 954 describes the NICNAME/WHOIS
protocol as follows:
" The NICNAME/WHOIS Server is a TCP transaction based query/response
server, running on the SRI-NIC machine (184.108.40.206 or 10.0.0.51), that
provides netwide directory service to internet users. It is one of a
series of internet name services maintained by the DDN Network
Information Center (NIC) at SRI International on behalf of the
Defense Communications Agency (DCA). The server is accessible across
the Internet from user programs running on local hosts, and it
delivers the full name, U.S. mailing address, telephone number, and
network mailbox for DDN users who are registered in the NIC database.
This server, together with the corresponding WHOIS Database can also
deliver online look-up of individuals or their online mailboxes,
network organizations, DDN nodes and associated hosts, and TAC
telephone numbers. The service is designed to be user-friendly and
the information is delivered in human-readable format. DCA strongly
encourages network hosts to provide their users with access to this
Steps Involved in Verifying WHOIS service on AIX:
1. Verify that both the domain and the reverse domain are properly
registered with the Internet. You can try to resolve this using:
whois -h rs.internic.net IP-address
The result should state that the listed name servers are for reverse
2. Review the /etc/named.boot file for discrepancies, ie ip-addresses
and domain names are correct, no periods in the domain names
3. Review the /usr/namedb/named.ca file for discrepancies, ie domain names,
fully qualified nameserver hostnames, ip-addresses. A current copy of
the named.ca for the Internet may be obtained via anonymous ftp from
"nic.ddn.mil", named root-servers.txt in the "netinfo" subdirectory.
4. Cause a cache dump via: kill -2 `cat /etc/named.pid`. This creates a file
5. Search the /var/tmp/named_dump.db file for the "$origin ." part; this will
tell you where the system is looking for its 'root' servers. For example,
. 518363 IN NS NS.INTERNIC.NET.
518363 IN NS AOS.ARL.ARMY.MIL.
518363 IN NS KAVA.NISC.SRI.COM.
518363 IN NS C.NYSER.NET.
518363 IN NS TERP.UMD.EDU.
518363 IN NS NS.NASA.GOV.
518363 IN NS NIC.NORDU.NET.
518363 IN NS NS.NIC.DDN.MIL.
6. If this fails, re-read the /etc/named.boot file for any instance of
the nameserver host entries that do not look correct, especially
if this is a sub-domain name server within the company.
7. Comment out the above entries in the /etc/named.boot file and stop
the named process via stopsrc -s named.
8. Re-start the named process via startsrc -s named and immediately cause
a cache dump: kill -2 `cat /etc/named.pid`. This will create another
dump file in /var/tmp/named_dump.db (you may wish to save the previous
one in /var/tmp/named_dump.db.old).
Support Line: whois is failing with 'unknown host internic.net' ITEM: G9912L
Dated: March 1994 Category: N/A
This HTML file was generated 99/06/24~13:30:49
Comments or suggestions?