Problem resolving name.

Fabiano Silos Reis fsilos at ig.com
Thu Nov 11 13:09:36 UTC 2004 

> I=B4m using bind version 9.3.0 configured as a dns cache server. I=B4m
> experiencing a strange situation here and I have no idea if it is a
> bug issue or not. Just wanna some help from you gurus... When I try
> to resolve www.jfce.gov.br <http://www.jfce.gov.br/>  using this dns
> server I receive a timeout response. I traced this query using debug
> level 99. Do anyone have any clue of what I s going on? =20
> 10-Nov-2004 12:21:34.351 dispatch 0x81f1f38 response 0x821e578
> 200.166.132.11#53: attached to task 0x81f9f88
>=20
> 10-Nov-2004 12:21:34.351 resquery 0x821f3e8 (fctx=20
> 0x821ad58(www.jfce.gov.br/A)): sent

> > It has found 200.166.132.11, which is one of the nameservers for =
jfce.gov.br

> 10-Nov-2004 12:21:36.351 dispatch 0x81f1f38 response 0x821f6d0 =
200.166.132.10#53: attached to task 0x81f9f88

> > And 200.166.132.10 is the other one, so looks like a problem between
> > your server and those two.  Can you query them directly, eg
> >  dig @200.166.132.10 www.jfce.gov.br. a +norec
> >I can from here.  Ah, but not if I use port 53 as the query-source,
> > so could be their firewall is refusing queries from port 53.

Hi Ronan,

Firewall? Hmm, do you know some tool to make dns request choosing the =
port for the query-source?

I tried (looks good):

$ dig @200.166.132.10 www.jfce.gov.br. a +norec

; <<>> DiG 9.2.3 <<>> @200.166.132.10 www.jfce.gov.br. a +norec
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39425
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.jfce.gov.br.               IN      A

;; ANSWER SECTION:
www.jfce.gov.br.        78000   IN      A       200.166.132.18

;; AUTHORITY SECTION:
jfce.gov.br.            78000   IN      NS      ns1.jfce.gov.br.
jfce.gov.br.            78000   IN      NS      ns2.jfce.gov.br.

;; ADDITIONAL SECTION:
ns1.jfce.gov.br.        78000   IN      A       200.166.132.10
ns2.jfce.gov.br.        78000   IN      A       200.166.132.11

;; Query time: 62 msec
;; SERVER: 200.166.132.10#53(200.166.132.10)
;; WHEN: Thu Nov 11 11:07:55 2004
;; MSG SIZE  rcvd: 117


$ dig @200.166.132.11 www.jfce.gov.br. a +norec

; <<>> DiG 9.2.3 <<>> @200.166.132.11 www.jfce.gov.br. a +norec
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 323
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.jfce.gov.br.               IN      A

;; ANSWER SECTION:
www.jfce.gov.br.        78000   IN      A       200.166.132.18

;; AUTHORITY SECTION:
jfce.gov.br.            78000   IN      NS      ns1.jfce.gov.br.
jfce.gov.br.            78000   IN      NS      ns2.jfce.gov.br.

;; ADDITIONAL SECTION:
ns1.jfce.gov.br.        78000   IN      A       200.166.132.10
ns2.jfce.gov.br.        78000   IN      A       200.166.132.11

;; Query time: 60 msec
;; SERVER: 200.166.132.11#53(200.166.132.11)
;; WHEN: Thu Nov 11 11:08:27 2004
;; MSG SIZE  rcvd: 117

More information about the bind-users mailing list