Question about dig +trace
Maechler Philippe
plcmaechler at vtxmail.ch
Mon Apr 14 09:07:33 UTC 2008
Does anybody have an idea why i can't do a dig +trace anymore
My config is:
> more /etc/resolv.conf
nameserver 127.0.0.1
> dig +trace -x 80.242.194.146
; <<>> DiG 9.4.1-P1 <<>> +trace -x 80.242.194.146
;; global options: printcmd
. 408270 IN NS D.ROOT-SERVERS.NET.
. 408270 IN NS J.ROOT-SERVERS.NET.
. 408270 IN NS G.ROOT-SERVERS.NET.
. 408270 IN NS F.ROOT-SERVERS.NET.
. 408270 IN NS I.ROOT-SERVERS.NET.
. 408270 IN NS B.ROOT-SERVERS.NET.
. 408270 IN NS M.ROOT-SERVERS.NET.
. 408270 IN NS K.ROOT-SERVERS.NET.
. 408270 IN NS A.ROOT-SERVERS.NET.
. 408270 IN NS E.ROOT-SERVERS.NET.
. 408270 IN NS H.ROOT-SERVERS.NET.
. 408270 IN NS C.ROOT-SERVERS.NET.
. 408270 IN NS L.ROOT-SERVERS.NET.
;; Received 500 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms
80.in-addr.arpa. 86400 IN NS NS3.NIC.FR.
80.in-addr.arpa. 86400 IN NS SEC1.APNIC.NET.
80.in-addr.arpa. 86400 IN NS SEC3.APNIC.NET.
80.in-addr.arpa. 86400 IN NS SUNIC.SUNET.SE.
80.in-addr.arpa. 86400 IN NS NS-EXT.ISC.ORG.
80.in-addr.arpa. 86400 IN NS NS-PRI.RIPE.NET.
80.in-addr.arpa. 86400 IN NS TINNIE.ARIN.NET.
;; Received 224 bytes from 192.36.148.17#53(I.ROOT-SERVERS.NET) in 24 ms
;; connection timed out; no servers could be reached
If I do the queries by hand i get correct results..
> dig -x 80.242.194.146 @d.root-servers.net
; <<>> DiG 9.4.1-P1 <<>> -x 80.242.194.146 @d.root-servers.net
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27813
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 7, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;146.194.242.80.in-addr.arpa. IN PTR
;; AUTHORITY SECTION:
80.in-addr.arpa. 86400 IN NS SEC3.APNIC.NET.
80.in-addr.arpa. 86400 IN NS TINNIE.ARIN.NET.
80.in-addr.arpa. 86400 IN NS NS3.NIC.FR.
80.in-addr.arpa. 86400 IN NS SEC1.APNIC.NET.
80.in-addr.arpa. 86400 IN NS NS-EXT.ISC.ORG.
80.in-addr.arpa. 86400 IN NS NS-PRI.RIPE.NET.
80.in-addr.arpa. 86400 IN NS SUNIC.SUNET.SE.
;; Query time: 101 msec
;; SERVER: 128.8.10.90#53(128.8.10.90)
;; WHEN: Thu Apr 10 15:30:51 2008
;; MSG SIZE rcvd: 224
> dig -x 80.242.194.146 @ns-pri.ripe.net
; <<>> DiG 9.4.1-P1 <<>> -x 80.242.194.146 @ns-pri.ripe.net
; (2 servers found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10254
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;146.194.242.80.in-addr.arpa. IN PTR
;; AUTHORITY SECTION:
194.242.80.in-addr.arpa. 172800 IN NS dns1.glattnet.ch.
194.242.80.in-addr.arpa. 172800 IN NS dns2.glattnet.ch.
;; Query time: 33 msec
;; SERVER: 193.0.0.195#53(193.0.0.195)
;; WHEN: Thu Apr 10 15:31:06 2008
;; MSG SIZE rcvd: 94
> dig -x 80.242.194.146 @sunic.sunet.se
; <<>> DiG 9.4.1-P1 <<>> -x 80.242.194.146 @sunic.sunet.se
; (2 servers found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28577
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;146.194.242.80.in-addr.arpa. IN PTR
;; AUTHORITY SECTION:
194.242.80.in-addr.arpa. 172800 IN NS dns1.glattnet.ch.
194.242.80.in-addr.arpa. 172800 IN NS dns2.glattnet.ch.
;; Query time: 33 msec
;; SERVER: 192.36.125.2#53(192.36.125.2)
;; WHEN: Thu Apr 10 15:31:15 2008
;; MSG SIZE rcvd: 94
If i do a tcp request i get an error that i can't connect to the ipv6
address, but i still get the result over v4
> dig -x 80.242.194.146 @sunic.sunet.se +tcp
;; Connection to 2001:6b0:7::2#53(2001:6b0:7::2) for
146.194.242.80.in-addr.arpa. failed: host unreachable.
; <<>> DiG 9.4.1-P1 <<>> -x 80.242.194.146 @sunic.sunet.se +tcp
; (2 servers found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15187
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;146.194.242.80.in-addr.arpa. IN PTR
;; AUTHORITY SECTION:
194.242.80.in-addr.arpa. 172800 IN NS dns2.glattnet.ch.
194.242.80.in-addr.arpa. 172800 IN NS dns1.glattnet.ch.
;; Query time: 33 msec
;; SERVER: 192.36.125.2#53(192.36.125.2)
;; WHEN: Thu Apr 10 15:31:18 2008
;; MSG SIZE rcvd: 94
Is it possible that a dig +trace tries to connect to an ipv6 address and
won't fallback to ipv4?
Is there a way to tell bind that it should only connect over ipv4?
If i set the query-source address in named.conf i still get the ipv6
connection warning from dig
Tia
Philippe
More information about the bind-users
mailing list