DIG Info Request

Linux Addict linuxaddict7 at gmail.com
Tue Feb 3 19:34:41 UTC 2015 

Let me take a step back. The original problem is "dig ." would give
SERVFAIL instead of NOERROR.  The "." is pointed to named.ca which looks
normal.

On Tue, Feb 3, 2015 at 2:28 PM, Linux Addict <linuxaddict7 at gmail.com> wrote:

> Actually I tried +trace from BIND server itself and still get the same
> answer. I did "dig . +trace @localhost"
>
>
> ; <<>> DiG 9.7.0-P1 <<>> . +trace @localhost
> ;; global options: +cmd
> .                       346239  IN      NS      i.root-servers.new.
> .                       346239  IN      NS      c.root-servers.new.
> .                       346239  IN      NS      b.root-servers.new.
> .                       346239  IN      NS      e.root-servers.new.
> .                       346239  IN      NS      d.root-servers.new.
> .                       346239  IN      NS      l.root-servers.new.
> .                       346239  IN      NS      f.root-servers.new.
> .                       346239  IN      NS      j.root-servers.new.
> .                       346239  IN      NS      h.root-servers.new.
> .                       346239  IN      NS      k.root-servers.new.
> .                       346239  IN      NS      m.root-servers.new.
> .                       346239  IN      NS      g.root-servers.new.
> ;; Received 405 bytes from localhost#53(localhost) in 1 ms
>
>
> On Tue, Feb 3, 2015 at 2:19 PM, Lyle Giese <lyle at lcrcomputer.net> wrote:
>
>>  172.27.254.11 is giving you that info with the .new name servers.  You
>> need to ask whomever manages that server.
>>
>> Look at this line from your +trace output:
>>
>> Received 405 bytes from 172.27.254.11#53(172.27.254.11) in 1 ms
>>
>> Lyle
>>
>>
>> On 2/3/2015 1:13 PM, Linux Addict wrote:
>>
>>  Additional info - general: warning: checkhints: unable to find root NS
>> 'b.root-servers.new' in hints
>>
>>  ​I cant seem to find where the ".new" coming from...​
>>
>>
>> On Tue, Feb 3, 2015 at 2:07 PM, Linux Addict <linuxaddict7 at gmail.com>
>> wrote:
>>
>>>  The named.ca seems good.
>>>
>>>  ;; ANSWER SECTION:
>>> .                       518400  IN      NS      C.ROOT-SERVERS.NET.
>>> .                       518400  IN      NS      I.ROOT-SERVERS.NET.
>>> .                       518400  IN      NS      F.ROOT-SERVERS.NET.
>>> .                       518400  IN      NS      B.ROOT-SERVERS.NET.
>>> .                       518400  IN      NS      L.ROOT-SERVERS.NET.
>>> .                       518400  IN      NS      D.ROOT-SERVERS.NET.
>>> .                       518400  IN      NS      J.ROOT-SERVERS.NET.
>>> .                       518400  IN      NS      K.ROOT-SERVERS.NET.
>>> .                       518400  IN      NS      E.ROOT-SERVERS.NET.
>>> .                       518400  IN      NS      A.ROOT-SERVERS.NET.
>>> .                       518400  IN      NS      M.ROOT-SERVERS.NET.
>>> .                       518400  IN      NS      G.ROOT-SERVERS.NET.
>>> .                       518400  IN      NS      H.ROOT-SERVERS.NET.
>>>
>>>
>>>
>>> On Tue, Feb 3, 2015 at 2:02 PM, Lyle Giese <lyle at lcrcomputer.net> wrote:
>>>
>>>>  If I remember right, DIG does not know the root servers and asks the
>>>> local host to retrieve that information and a server at 172.27.254.11(which
>>>> is RFC 1918 address space) gave you that answer.
>>>>
>>>> Is your machine/shop setup with private root servers?
>>>>
>>>> Lyle
>>>>
>>>>
>>>> On 2/3/2015 12:50 PM, Linux Addict wrote:
>>>>
>>>>   I do dig . +trace and the results seem show .new servers. This is
>>>> causing SERVFAIL for root query. Any ideas?
>>>>
>>>>   dig . +trace
>>>>
>>>>  ; <<>> DiG 9.7.0-P1 <<>> . +trace
>>>> ;; global options: +cmd
>>>> .                       348510  IN      NS      b.root-servers.new.
>>>> .                       348510  IN      NS      h.root-servers.new.
>>>> .                       348510  IN      NS      l.root-servers.new.
>>>> .                       348510  IN      NS      f.root-servers.new.
>>>> .                       348510  IN      NS      m.root-servers.new.
>>>> .                       348510  IN      NS      k.root-servers.new.
>>>> .                       348510  IN      NS      i.root-servers.new.
>>>> .                       348510  IN      NS      e.root-servers.new.
>>>> .                       348510  IN      NS      g.root-servers.new.
>>>> .                       348510  IN      NS      j.root-servers.new.
>>>> .                       348510  IN      NS      c.root-servers.new.
>>>> .                       348510  IN      NS      d.root-servers.new.
>>>> ;; Received 405 bytes from 172.27.254.11#53(172.27.254.11) in 1 ms
>>>>
>>>>  ;; connection timed out; no servers could be reached
>>>>
>>>>
>>>>
>>>>  _______________________________________________
>>>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>>>>
>>>> bind-users mailing listbind-users at lists.isc.orghttps://lists.isc.org/mailman/listinfo/bind-users
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>>>> unsubscribe from this list
>>>>
>>>> bind-users mailing list
>>>> bind-users at lists.isc.org
>>>> https://lists.isc.org/mailman/listinfo/bind-users
>>>>
>>>
>>>
>>
>>
>> _______________________________________________
>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>> unsubscribe from this list
>>
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20150203/08d956cb/attachment-0001.html>

More information about the bind-users mailing list