resolver's behavior
Frank Y.F. Luo
luoy at muohio.edu
Fri Apr 21 16:12:52 UTC 2006
This is only for test and try to understand the resolver. and of course
/etc/hosts is not use and DNS is used on both cases.
You said ""Dig" used the resolv.conf
> and "ping" used the system configured recursive name server."
Where is the "system configured recursive name server" defind? is it in
resolv.conf? I know in the resolv.conf there is only one entry for the NS
with recursive turned of.
I also want to emphesis the difference result of ping command on a Mac and a
Solaris machine mentioned in the first email: ping command on the Solaris 10
machines could not resovle slashdot.com in that setting.
> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
> Behalf Of Kirk Bradel
> Sent: Thursday, April 20, 2006 9:00 PM
> To: comp-protocols-dns-bind at isc.org
> Subject: Re: resolver's behavior
>
>
> Barry Margolin wrote:
> > In article <e2964j$2u9e$1 at sf1.isc.org>,
> > Kevin Darcy <kcd at daimlerchrysler.com> wrote:
> >
> >> Frank Y.F. Luo wrote:
> >>
> >>> I am a little confused about a resolver's behavior, like ping command,
> >>> nslookup command,
> >>>
> >>> I am querying against a DNS server with recursive turned off
> >>>
> >>> #dig www.slashdot.com
> >>>
> >>> ; <<>> DiG 9.2.4 <<>> www.slashdot.com
> >>> ;; global options: printcmd
> >>> ;; Got answer:
> >>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1794
> >>> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 0
> > ....
> >> Command-line tools like "ping" typically use the "system" resolver,
> >> which is usually configurable (via a system config file like
> >> /etc/nsswitch.conf or the like) and may or may not even include DNS as
> >> one of its sources of name information. If the system resolver
> does look
> >> at DNS at all, it'll do so by generating recursive rather than
> >> non-recursive queries. So for a valid comparison to what "ping" is
> >> seeing, you should do recursive rather than non-recursive queries.
> >
> > He did. Don't you see "rd" (Recursion Desired) in the "flags:" field?
> > It's the server that has recursion disabled (hence the missing "ra"
> > flag), not the client.
> >
>
> I just duplicated the OP results. Using a Windows resolver with a
> c:\windows\system32\drivers\etc\resolv.conf pointing at an authoritative
> only name server, I get the same results (as expected). Which is
> exactly what Kevin was trying to explain. "Dig" used the resolv.conf
> and "ping" used the system configured recursive name server.
>
> C:\WINDOWS\system32\drivers\etc>dig www.slashdot.net
>
> ; <<>> DiG 9.3.2 <<>> www.slashdot.net
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1192
> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;www.slashdot.net. IN A
>
> ;; AUTHORITY SECTION:
> .. 3600000 IN NS A.ROOT-SERVERS.net.
> .. 3600000 IN NS B.ROOT-SERVERS.net.
> .. 3600000 IN NS C.ROOT-SERVERS.net.
> .. 3600000 IN NS D.ROOT-SERVERS.net.
> .. 3600000 IN NS E.ROOT-SERVERS.net.
> .. 3600000 IN NS F.ROOT-SERVERS.net.
> .. 3600000 IN NS G.ROOT-SERVERS.net.
> .. 3600000 IN NS H.ROOT-SERVERS.net.
> .. 3600000 IN NS I.ROOT-SERVERS.net.
> .. 3600000 IN NS J.ROOT-SERVERS.net.
> .. 3600000 IN NS K.ROOT-SERVERS.net.
> .. 3600000 IN NS L.ROOT-SERVERS.net.
> .. 3600000 IN NS M.ROOT-SERVERS.net.
>
> ;; Query time: 46 msec
> ;; SERVER: 66.218.71.63#53(66.218.71.63)
> ;; WHEN: Thu Apr 20 19:55:21 2006
> ;; MSG SIZE rcvd: 242
>
>
> C:\WINDOWS\system32\drivers\etc>ping www.slashdot.net
>
> Pinging www.slashdot.net [208.254.3.166] with 32 bytes of data:
>
>
>
More information about the bind-users
mailing list