Delegation not working

Todd Snyder tsnyder at rim.com
Thu May 7 19:28:06 UTC 2009 

+trace forces the server to go to the root.  It doesn't necessarily
represent the path your query would normally take.  If the server you
are querying is authoritative for the zone you are querying, it will
still trace from the root.  This feature is, sadly, not as useful in an
internal DNS configuration, where recursion from the root isn't used.
That seems to be the situation you're in (not able to reach the root)

At least, that is my interpretation of it.

Todd.

-----Original Message-----
From: bind-users-bounces at lists.isc.org
[mailto:bind-users-bounces at lists.isc.org] On Behalf Of Mike Bernhardt
Sent: Thursday, May 07, 2009 3:22 PM
To: 'Chris Buxton'
Cc: bind-users at lists.isc.org
Subject: RE: Delegation not working

Reformatting the dig request gives the following:

dig +trace @athena -x 10.0.2.252

; <<>> DiG 9.3.4 <<>> +trace @athena -x 10.0.2.252 ; (1 server found) ;;
global options:  printcmd
.                       163824  IN      NS      K.ROOT-SERVERS.NET.
.                       163824  IN      NS      L.ROOT-SERVERS.NET.
.                       163824  IN      NS      M.ROOT-SERVERS.NET.
.                       163824  IN      NS      A.ROOT-SERVERS.NET.
.                       163824  IN      NS      B.ROOT-SERVERS.NET.
.                       163824  IN      NS      C.ROOT-SERVERS.NET.
.                       163824  IN      NS      D.ROOT-SERVERS.NET.
.                       163824  IN      NS      E.ROOT-SERVERS.NET.
.                       163824  IN      NS      F.ROOT-SERVERS.NET.
.                       163824  IN      NS      G.ROOT-SERVERS.NET.
.                       163824  IN      NS      H.ROOT-SERVERS.NET.
.                       163824  IN      NS      I.ROOT-SERVERS.NET.
.                       163824  IN      NS      J.ROOT-SERVERS.NET.

;; Received 500 bytes from 148.165.30.30#53(148.165.30.30) in 0 ms

;; connection timed out; no servers could be reached Since this server
can't reach the root servers, this makes sense. But apparently it isn't
following delegation.

-----Original Message-----
From: Chris Buxton [mailto:cbuxton at menandmice.com]
Sent: Thursday, May 07, 2009 12:19 PM
To: Mike Bernhardt
Cc: bind-users at lists.isc.org
Subject: Re: Delegation not working

On May 7, 2009, at 12:06 PM, Mike Bernhardt wrote:
> dig -x +trace @athena 10.0.2.252
>
> ;; QUESTION SECTION:
> ;+trace.in-addr.arpa.           IN      PTR
>
> ;; QUESTION SECTION:
> ;10.0.2.252.                    IN      A

You've given dig the wrong arguments. You gave it two queries, indicated
above, neither of which is what you wanted.

Try this:

dig @athena -x 10.0.2.252

Chris Buxton
Professional Services
Men & Mice

_______________________________________________
bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

---------------------------------------------------------------------
This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.

More information about the bind-users mailing list