A SOA Problem
Phaniraj Ranganath
hrphani at gmail.com
Wed May 14 09:40:40 UTC 2008
Any pointers to understand output of dig - like headers, flags.
Thanks,
Phaniraj
On Wed, May 14, 2008 at 9:23 AM, Barry Margolin <barmar at alum.mit.edu> wrote:
> In article <g0dis8$2hes$1 at sf1.isc.org>, "?U'?" <desccie at gmail.com>
> wrote:
>
> > hi,all
> >
> > I have a SOA problem resolving a domain name.
> >
> > [root at redhat ~]# dig @202.96.209.5 sonystyle.com.cn +trace
> >
> > ; <<>> DiG 9.2.4 <<>> @202.96.209.5 sonystyle.com.cn +trace
> > ;; global options: printcmd
> > . 444044 IN NS g.root-servers.net.
> > . 444044 IN NS h.root-servers.net.
> > . 444044 IN NS i.root-servers.net.
> > . 444044 IN NS j.root-servers.net.
> > . 444044 IN NS k.root-servers.net.
> > . 444044 IN NS l.root-servers.net.
> > . 444044 IN NS m.root-servers.net.
> > . 444044 IN NS a.root-servers.net.
> > . 444044 IN NS b.root-servers.net.
> > . 444044 IN NS c.root-servers.net.
> > . 444044 IN NS d.root-servers.net.
> > . 444044 IN NS e.root-servers.net.
> > . 444044 IN NS f.root-servers.net.
> > ;; Received 228 bytes from 202.96.209.5#53(202.96.209.5)<http://202.96.209.5#53%28202.96.209.5%29>in 160 ms
> >
> > cn. 172800 IN NS E.DNS.cn.
> > cn. 172800 IN NS A.DNS.cn.
> > cn. 172800 IN NS B.DNS.cn.
> > cn. 172800 IN NS D.DNS.cn.
> > cn. 172800 IN NS NS.CERNET.NET.
> > cn. 172800 IN NS C.DNS.cn.
> > ;; Received 297 bytes from 192.112.36.4#53(g.root-servers.net)<http://192.112.36.4#53%28g.root-servers.net%29>in 370 ms
> >
> > sonystyle.com.cn. 21600 IN NS ns1.sony.com.cn.
> > sonystyle.com.cn. 21600 IN NS ns2.sony.com.cn.
> > ;; Received 107 bytes from 203.119.29.1#53(E.DNS.cn)<http://203.119.29.1#53%28E.DNS.cn%29>in 36 ms
> >
> > sonystyle.com.cn. 3600 IN SOA ns1.sony.com.cn.
> > root.sony.com.cn. 2008042218 60 300 172800 3600
> > ;; Received 84 bytes from 61.129.39.70#53(ns1.sony.com.cn)<http://61.129.39.70#53%28ns1.sony.com.cn%29>in 16 ms
> >
> >
> > [root at redhat ~]# dig @202.96.209.5 sonystyle.com.cn
> >
> > ; <<>> DiG 9.2.4 <<>> @202.96.209.5 sonystyle.com.cn
> > ;; global options: printcmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36046
> > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> >
> > ;; QUESTION SECTION:
> > ;sonystyle.com.cn. IN A
> >
> > ;; AUTHORITY SECTION:
> > sonystyle.com.cn. 1800 IN SOA scnns.sony.com.cn.
> > root.scnns.sony.com.cn. 2008042218 60 300 172800 1800
> >
> > ;; Query time: 40 msec
> > ;; SERVER: 202.96.209.5#53(202.96.209.5)<http://202.96.209.5#53%28202.96.209.5%29>
> > ;; WHEN: Fri May 16 12:38:54 2008
> > ;; MSG SIZE rcvd: 86
> >
> > [root at redhat ~]# dig @202.106.196.115 sonystyle.com.cn
> >
> > ; <<>> DiG 9.2.4 <<>> @202.106.196.115 sonystyle.com.cn
> > ;; global options: printcmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9255
> > ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> >
> > ;; QUESTION SECTION:
> > ;sonystyle.com.cn. IN A
> >
> > ;; AUTHORITY SECTION:
> > sonystyle.com.cn. 1035 IN SOA ns2.sony.com.cn.
> > root.sony.com.cn. 2008042218 60 300 172800 3600
> >
> > ;; Query time: 55 msec
> > ;; SERVER: 202.106.196.115#53(202.106.196.115)<http://202.106.196.115#53%28202.106.196.115%29>
> > ;; WHEN: Fri May 16 12:40:23 2008
> > ;; MSG SIZE rcvd: 84
> >
> > Why the SOA record are different in the above ?
>
> 202.96.209.5 is apparently configured as authoritative for the
> sonystyle.com.cn domain (notice the "aa" flag in its answer), so it
> doesn't query the servers that the domain is delegated to. It has its
> own SOA record, which is different from the one on the official server.
>
> --
> Barry Margolin, barmar at alum.mit.edu
> Arlington, MA
> *** PLEASE don't copy me on replies, I'll read them in the group ***
>
>
More information about the bind-users
mailing list