nslookup with Bind9 and absolutes
Jim Reid
jim at rfc1035.com
Tue Apr 12 16:34:40 UTC 2005
On Apr 12, 2005, at 16:44, Stephen Williams wrote:
> Hey all I have a strange thing going on with my boxes any box that I
> have installed Bind 9.x.x on when I try to do a nslookup at the root
> level I can't get a response can anyone help,
You *are* getting a response. It's just that the behaviour of the two
versions of nslookup you're using is different. This is hardly
surprising since nslookup is a brain-dead utility that causes more
problems than it solves. [Consult the list archives for details.]
Please use dig for querying name servers and DNS troubleshooting. If
you'd used dig, you would have seen what was actually in the reply from
a.root-servers.net when you asked it for an A record for com: a record
that doesn't exist BTW.
Here's what you get back when you use a proper lookup tool to make that
query:
% dig @a.root-servers.net com
; <<>> DiG 9.3.1 <<>> @a.root-servers.net com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1958
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 15
;; QUESTION SECTION:
;com. IN A
;; AUTHORITY SECTION:
com. 172800 IN NS A.GTLD-SERVERS.NET.
com. 172800 IN NS G.GTLD-SERVERS.NET.
com. 172800 IN NS H.GTLD-SERVERS.NET.
com. 172800 IN NS C.GTLD-SERVERS.NET.
com. 172800 IN NS I.GTLD-SERVERS.NET.
com. 172800 IN NS B.GTLD-SERVERS.NET.
com. 172800 IN NS D.GTLD-SERVERS.NET.
com. 172800 IN NS L.GTLD-SERVERS.NET.
com. 172800 IN NS F.GTLD-SERVERS.NET.
com. 172800 IN NS J.GTLD-SERVERS.NET.
com. 172800 IN NS K.GTLD-SERVERS.NET.
com. 172800 IN NS E.GTLD-SERVERS.NET.
com. 172800 IN NS M.GTLD-SERVERS.NET.
;; ADDITIONAL SECTION:
A.GTLD-SERVERS.NET. 172800 IN AAAA 2001:503:a83e::2:30
A.GTLD-SERVERS.NET. 172800 IN A 192.5.6.30
G.GTLD-SERVERS.NET. 172800 IN A 192.42.93.30
H.GTLD-SERVERS.NET. 172800 IN A 192.54.112.30
C.GTLD-SERVERS.NET. 172800 IN A 192.26.92.30
I.GTLD-SERVERS.NET. 172800 IN A 192.43.172.30
B.GTLD-SERVERS.NET. 172800 IN AAAA 2001:503:231d::2:30
B.GTLD-SERVERS.NET. 172800 IN A 192.33.14.30
D.GTLD-SERVERS.NET. 172800 IN A 192.31.80.30
L.GTLD-SERVERS.NET. 172800 IN A 192.41.162.30
F.GTLD-SERVERS.NET. 172800 IN A 192.35.51.30
J.GTLD-SERVERS.NET. 172800 IN A 192.48.79.30
K.GTLD-SERVERS.NET. 172800 IN A 192.52.178.30
E.GTLD-SERVERS.NET. 172800 IN A 192.12.94.30
M.GTLD-SERVERS.NET. 172800 IN A 192.55.83.30
;; Query time: 152 msec
;; SERVER: 198.41.0.4#53(a.root-servers.net)
;; WHEN: Tue Apr 12 17:27:56 2005
;; MSG SIZE rcvd: 509
This is the expected response: a referral. The old (even more
brain-damaged) version of nslookup you used
printed out stuff from the Authority Section of the reply, misleading
you into believing that the info was in the (empty) Answer Section. Now
you know one of the reasons why you shouldn't use nslookup.
More information about the bind-users
mailing list