BIND 8 bug? (Protocol not supported)
Pavel V. Knyazev
pasha at comp.protocols.dns.bind
Sat Feb 14 16:48:23 UTC 2004
Hi!
I'm setting up a caching only server under BIND 8.3.7-REL,
that comes with a fresh snapshot of FreeBSD 4.9 security branch.
Here's what i got. As long as BIND returns nothing for a first
query, it can be considered a bug, i think. Here we go (look also
at the bottom, there are some examples and comments):
9:30pm phobos:~# /usr/sbin/named -u bind -g bind -t /etc/namedb /etc/named.conf
9:30pm phobos:~# dig 194.in-addr.arpa ns
; <<>> DiG 8.3 <<>> 194.in-addr.arpa ns
;; res options: init recurs defnam dnsrch
;; res_nsend: Protocol not supported
9:31pm phobos:~# dig 194.in-addr.arpa ns
; <<>> DiG 8.3 <<>> 194.in-addr.arpa ns
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52669
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 7, ADDITIONAL: 7
;; QUERY SECTION:
;; 194.in-addr.arpa, type = NS, class = IN
;; ANSWER SECTION:
194.in-addr.arpa. 5D IN NS auth03.ns.uu.net.
194.in-addr.arpa. 5D IN NS tinnie.arin.net.
194.in-addr.arpa. 5D IN NS ns.ripe.net.
194.in-addr.arpa. 5D IN NS ns2.nic.fr.
194.in-addr.arpa. 5D IN NS sec1.apnic.net.
194.in-addr.arpa. 5D IN NS sec3.apnic.net.
194.in-addr.arpa. 5D IN NS sunic.sunet.se.
;; AUTHORITY SECTION:
194.in-addr.arpa. 5D IN NS auth03.ns.uu.net.
194.in-addr.arpa. 5D IN NS tinnie.arin.net.
194.in-addr.arpa. 5D IN NS ns.ripe.net.
194.in-addr.arpa. 5D IN NS ns2.nic.fr.
194.in-addr.arpa. 5D IN NS sec1.apnic.net.
194.in-addr.arpa. 5D IN NS sec3.apnic.net.
194.in-addr.arpa. 5D IN NS sunic.sunet.se.
;; ADDITIONAL SECTION:
auth03.ns.uu.net. 1d23h59m24s IN A 198.6.1.83
tinnie.arin.net. 2h59m26s IN A 63.146.182.189
ns.ripe.net. 1d23h59m24s IN A 193.0.0.193
ns2.nic.fr. 3d23h59m24s IN A 192.93.0.4
sec1.apnic.net. 1d23h59m24s IN A 202.12.29.59
sec3.apnic.net. 1d23h59m24s IN A 202.12.28.140
sunic.sunet.se. 23h59m23s IN A 192.36.125.2
;; Total query time: 644 msec
;; FROM: phobos.surnet.ru to SERVER: 127.0.0.1
;; WHEN: Sat Feb 14 21:31:38 2004
;; MSG SIZE sent: 34 rcvd: 434
9:31pm phobos:~# dig 194.in-addr.arpa ns @ns.ripe.net.
; <<>> DiG 8.3 <<>> 194.in-addr.arpa ns @ns.ripe.net.
; (2 servers found)
;; res options: init recurs defnam dnsrch
;; res_nsend: Protocol not supported
9:34pm phobos:~# dig 194.in-addr.arpa ns @193.0.0.193
; <<>> DiG 8.3 <<>> 194.in-addr.arpa ns @193.0.0.193
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11896
;; flags: qr aa rd; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 6
;; QUERY SECTION:
;; 194.in-addr.arpa, type = NS, class = IN
;; ANSWER SECTION:
194.in-addr.arpa. 5D IN NS sec1.apnic.net.
194.in-addr.arpa. 5D IN NS sec3.apnic.net.
194.in-addr.arpa. 5D IN NS sunic.sunet.se.
194.in-addr.arpa. 5D IN NS auth03.ns.uu.net.
194.in-addr.arpa. 5D IN NS tinnie.arin.net.
194.in-addr.arpa. 5D IN NS ns.ripe.net.
194.in-addr.arpa. 5D IN NS ns2.nic.fr.
;; ADDITIONAL SECTION:
ns.ripe.net. 2D IN A 193.0.0.193
ns.ripe.net. 2D IN AAAA 2001:610:240:0:53::193
ns2.nic.fr. 4D IN A 192.93.0.4
sec1.apnic.net. 1H IN A 202.12.29.59
sec3.apnic.net. 1H IN A 202.12.28.140
sec3.apnic.net. 1H IN AAAA 2001:dc0:1:0:4777:140::
;; Total query time: 321 msec
;; FROM: phobos.surnet.ru to SERVER: 193.0.0.193
;; WHEN: Sat Feb 14 21:36:26 2004
;; MSG SIZE sent: 34 rcvd: 328
9:36pm phobos:~#
As far as i understand, there are issues with IPv6,
in particular BIND 8 doesn't know how to deal with
such sites (look up and see how it works with IPv6
of ns.ripe.net).
There are no problems with BIND 9 on the same machine.
It works just fine although it sees IPv6 RRs also.
Please, what is the cure for BIND 8?
--
Pavel V. Knyazev
More information about the bind-users
mailing list