nslookup works, dig and host don't
Mathias Körber
mathias at koerber.org
Thu Oct 19 15:13:06 UTC 2000
Hi there,
I tried it from my site and I get timeouts also when using
nslookup. I think your NAT might not be working correctly,
or perhaps there is something wrong with the outgoing traffic
(as you seem to be seeing the queries on the inside network).
# nslookup
Default Server: matjes
Address: 0.0.0.0
> server is1.blocksberg.com
Default Server: is1.blocksberg.com
Address: 195.179.0.28
> set q=3Dany
> blocksberg.com
Server: is1.blocksberg.com
Address: 195.179.0.28
*** is1.blocksberg.com can't find blocksberg.com: No response from =
server
Maybe you did not tell your nslookup to use is1.blocksberg.com
as server and it used the outside system's default server?
regards
=20
> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
> Behalf Of Justin Heesemann
> Sent: Thursday, October 19, 2000 19:52
> To: Bind Mailing List
> Subject: nslookup works, dig and host don't
>=20
>=20
>=20
> Hi ..
> i've got a pretty strange problem with bind 8.2 / 9 behind a router
> with NAT.
> Ports 53 TCP and 53 UDP are routed to my linux server, which can
> resolve it's domains via host, dig and nslookup as it should.
>=20
> The strange thing is, that it does not work from the outside:
> i can resolve my domains with nslookup, but when i try to resolve it
> with host or dig (like dig -a @is1.blocksberg.com blocksberg.com ) i
> get timeouts.
>=20
> The DNS does work so far, that i can get emails send to my domains and
> it seems, that anybody can go to www.blocksberg.com (just a test
> page), so i don't know what could be wrong.
>=20
> I also tcpdumped port 53 udp whilst trying to resolve blocksberg.com
> with dig and nslookup -> it seems, the server is receiving request by
> both of them, in the same way. And it responds in the same way.
> But host and dig seem not to receive anything (i can't run tcpdump on
> the outside host)
>=20
> Could i be due to my router which uses NAT that some packets don't get
> outside and what is the difference between a request of nslookup and
> one of dig ?!?
>=20
> Anyone ever had anything like this ?
>=20
> ...
> Justin
>=20
>=20
>=20
>=20
More information about the bind-users
mailing list