resolver's behavior

Barry Margolin barmar at alum.mit.edu
Thu Apr 20 23:59:43 UTC 2006 

In article <e28r65$16if$1 at sf1.isc.org>,
 "Frank Y.F. Luo" <luoy at muohio.edu> wrote:

> I am a little confused about a resolver's behavior, like ping command,
> nslookup command,
> 
> I am querying against a DNS server with recursive turned off

Why?  Unless you're *trying* to get errors, it doesn't make sense to 
have your resolver pointing to a non-recursive server.

> 
> #dig www.slashdot.com
> 
> ; <<>> DiG 9.2.4 <<>> www.slashdot.com
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1794
> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 0
> 
> ;; QUESTION SECTION:
> ;www.slashdot.com.              IN      A
> 
> ;; AUTHORITY SECTION:
> .                       3600000 IN      NS      K.ROOT-SERVERS.NET.
> .                       3600000 IN      NS      L.ROOT-SERVERS.NET.
> .                       3600000 IN      NS      M.ROOT-SERVERS.NET.
> .                       3600000 IN      NS      A.ROOT-SERVERS.NET.
> .                       3600000 IN      NS      B.ROOT-SERVERS.NET.
> .                       3600000 IN      NS      C.ROOT-SERVERS.NET.
> .                       3600000 IN      NS      D.ROOT-SERVERS.NET.
> .                       3600000 IN      NS      E.ROOT-SERVERS.NET.
> .                       3600000 IN      NS      F.ROOT-SERVERS.NET.
> .                       3600000 IN      NS      G.ROOT-SERVERS.NET.
> .                       3600000 IN      NS      H.ROOT-SERVERS.NET.
> .                       3600000 IN      NS      I.ROOT-SERVERS.NET.
> .                       3600000 IN      NS      J.ROOT-SERVERS.NET.
> 
> ;; Query time: 23 msec
> ;
> 
> However, if i ping www.slashdot.com
> #ping www.slashdot.com
> PING slashdot.com (66.35.250.150): 56 data bytes
> 
> Obviously, ping got the name resolved! but How? I am confused

What's in your /etc/nsswitch.conf?  It may list other hostname lookup 
facilities beside DNS (do you have an entry for www.slashdot.com in your 
/etc/hosts?).  ping will use these, dig will not (since dig is designed 
specifically to test DNS).

> Also I did the same test on a Solaris box, dig returned the same message
> however the ping returned "unknown host www.slashdot.com.

The Solaris box's nsswitch.conf and/or /etc/hosts files are presumably 
different.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***

More information about the bind-users mailing list