Recursive queries fail if query source port is not fixed
Hans F. Nordhaug
Hans.F.Nordhaug at hiMolde.no
Thu Aug 14 13:20:38 UTC 2008
This thread is turning too long, but I can't give up yet - sorry,
everyone.
* Andrey G. Sergeev (AKA Andris) <andris at aernet.ru> [2008-08-14]:
[cut]
> > Thx for replying. I did a query for the a record of images.yandex.ru
> > with and without the trace. With trace, I get a reply - without
> > trace, I don't (see below). (Well, I do - put after 3-4 repeated
> > queries.) I really don't get it.
>
> What number of queries you've done with trace enabled?
Oh, I tried many things ...
> > If I should guess, it must be dig sending the queries differently
> > when tracing.
>
> Yes. I suggest you to obtain a traffic dump between the g4.tibe.no and
> the outside world while doind the queries without trace enabled.
This is kind of what I did in my original post, but here we go again.
I start by flushing the cache and turning on tracing bind. Then I do the
query, which again has status SERVFAIL - which I guess corresponds to
the "view external: error" in /var/named/data/named.run. All data below.
Hans
-----
; <<>> DiG 9.3.4-P1 <<>> @g4.tibe.no images.yandex.ru. a
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 341
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;images.yandex.ru. IN A
;; Query time: 143 msec
;; SERVER: 213.161.248.67#53(213.161.248.67)
;; WHEN: Thu Aug 14 15:03:25 2008
;; MSG SIZE rcvd: 34
------
Output from "tcpdump proto UDP" (filtered):
15:03:25.742101 IP g4.tibe.no.41254 > G.ROOT-SERVERS.NET.domain: 41969 [1au] A? images.yandex.ru. (45)
15:03:25.881303 IP G.ROOT-SERVERS.NET.domain > g4.tibe.no.41254: 41969- 0/7/8 (322)
Full detail from /var/named/data/named.run:
client 213.161.248.67#40328: UDP request
client 213.161.248.67#40328: view external: request is not signed
client 213.161.248.67#40328: view external: recursion available
client 213.161.248.67#40328: view external: query
client 213.161.248.67#40328: view external: query (cache) 'images.yandex.ru/A/IN' approved
client 213.161.248.67#40328: view external: replace
clientmgr @0x8655330: createclients
clientmgr @0x8655330: recycle
createfetch: images.yandex.ru A
client @0x87ac580: udprecv
fctx 0x87b7b20(images.yandex.ru/A'): create
fctx 0x87b7b20(images.yandex.ru/A'): join
fetch 0x85de8f8 (fctx 0x87b7b20(images.yandex.ru/A)): created
fctx 0x87b7b20(images.yandex.ru/A'): start
fctx 0x87b7b20(images.yandex.ru/A'): try
fctx 0x87b7b20(images.yandex.ru/A'): cancelqueries
fctx 0x87b7b20(images.yandex.ru/A'): getaddresses
res 0xb41381f0: dns_resolver_prime
res 0xb41381f0: priming
createfetch: . NS
fctx 0xb3d04278(./NS'): create
fctx 0xb3d04278(./NS'): join
fetch 0xb3f00aa0 (fctx 0xb3d04278(./NS)): created
fctx 0xb3d04278(./NS'): start
fctx 0xb3d04278(./NS'): try
fctx 0xb3d04278(./NS'): cancelqueries
fctx 0xb3d04278(./NS'): getaddresses
res 0xb41381f0: dns_resolver_prime
res 0xb41381f0: dns_resolver_prime
res 0xb41381f0: dns_resolver_prime
res 0xb41381f0: dns_resolver_prime
res 0xb41381f0: dns_resolver_prime
res 0xb41381f0: dns_resolver_prime
res 0xb41381f0: dns_resolver_prime
res 0xb41381f0: dns_resolver_prime
res 0xb41381f0: dns_resolver_prime
res 0xb41381f0: dns_resolver_prime
res 0xb41381f0: dns_resolver_prime
res 0xb41381f0: dns_resolver_prime
fctx 0x87b7b20(images.yandex.ru/A'): query
fctx 0xb3d04278(./NS'): query
resquery 0xb3f02260 (fctx 0x87b7b20(images.yandex.ru/A)): send
resquery 0xb3f02260 (fctx 0x87b7b20(images.yandex.ru/A)): sent
resquery 0xb3f02260 (fctx 0x87b7b20(images.yandex.ru/A)): senddone
fctx 0xb3d04278(./NS'): done
fctx 0xb3d04278(./NS'): stopeverything
fctx 0xb3d04278(./NS'): cancelqueries
fctx 0xb3d04278(./NS'): sendevents
fetch 0xb3f00aa0 (fctx 0xb3d04278(./NS)): destroyfetch
fctx 0xb3d04278(./NS'): shutdown
fctx 0xb3d04278(./NS'): doshutdown
fctx 0xb3d04278(./NS'): stopeverything
fctx 0xb3d04278(./NS'): cancelqueries
fctx 0xb3d04278(./NS'): destroy
resquery 0xb3f02260 (fctx 0x87b7b20(images.yandex.ru/A)): response
fctx 0x87b7b20(images.yandex.ru/A'): noanswer_response
fctx 0x87b7b20(images.yandex.ru/A'): cache_message
fctx 0x87b7b20(images.yandex.ru/A'): cancelquery
fctx 0x87b7b20(images.yandex.ru/A'): cancelqueries
fctx 0x87b7b20(images.yandex.ru/A'): try
fctx 0x87b7b20(images.yandex.ru/A'): cancelqueries
fctx 0x87b7b20(images.yandex.ru/A'): getaddresses
fctx 0x87b7b20(images.yandex.ru/A'): query
fctx 0x87b7b20(images.yandex.ru/A'): done
fctx 0x87b7b20(images.yandex.ru/A'): stopeverything
fctx 0x87b7b20(images.yandex.ru/A'): cancelqueries
fctx 0x87b7b20(images.yandex.ru/A'): sendevents
fetch 0x85de8f8 (fctx 0x87b7b20(images.yandex.ru/A)): destroyfetch
fctx 0x87b7b20(images.yandex.ru/A'): shutdown
fctx 0x87b7b20(images.yandex.ru/A'): doshutdown
fctx 0x87b7b20(images.yandex.ru/A'): stopeverything
fctx 0x87b7b20(images.yandex.ru/A'): cancelqueries
fctx 0x87b7b20(images.yandex.ru/A'): destroy
client 213.161.248.67#40328: view external: error
client 213.161.248.67#40328: view external: send
client 213.161.248.67#40328: view external: sendto
client 213.161.248.67#40328: view external: senddone
client 213.161.248.67#40328: view external: next
client 213.161.248.67#40328: view external: endrequest
More information about the bind-users
mailing list