help debug a BIND problem (debug output)

[Barry Margolin]

In article <Pine.OSF.4.10.10002181826190.11498-100000 at singapura.singnet.com.sg>,
Mathias Koerber  <mathias at staff.singnet.com.sg> wrote:
>Hi all,
>
>I have a wierd problem doing certain DNS lookups, and would like to 
>solicit help with reading the BIND debug output.
>
>I'm using BIND-8.2.2p5
>
>The Problem:  None of my nameservers can perform DNS lookups
>for www.chijstcs.moe.edu.sg, yet dig(1) queries for the same (from the
>same nameserver to the auth NS of the domain) work fine:

You did better than I could.  I couldn't get a response when I queried the
auth NS unless I used TCP -- I timed out completely when using UDP, but TCP
works (slowly -- response time was 4-10 seconds).  I used snoop to make
sure that I wasn't getting a response from a different address that dig
might have been ignoring; I saw no responses at all.

Pings also don't work to 166.121.9.200, but traceroute does.

>	1. Am I correct in my reading of the debug log?

I think so.

>	2. Why would the remote NS reply from a different IP address?

It has multiple NICs or virtual addresses, and the other IP address is the
preferred interface for sending replies back to you.

>	2.a	Was this a sknown problem in a previ version of BIND or any other NS?
>		(I have not managed to speak to the remote admin yet, I actually wanted
>		some more data before I contact them).

This was a known problem in BIND 4.8.

>	3. Does dig(1) not care about the sender's IP address, but BIND does?

BIND definitely does, and I thought dig would as well, but perhaps not.

-- 
Barry Margolin, barmar at bbnplanet.com
GTE Internetworking, Powered by BBN, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.