DIG Info Request

Leonard Mills lenm at yahoo.com
Tue Feb 3 19:56:25 UTC 2015 

>Let me take a step back. The original problem is "dig ." 
> would give SERVFAIL instead of NOERROR.  
>The "." is pointed to named.ca which looks normal. 

Without source code changes to your tools and/or replacement 
hints files "." invariably points to the root servers to be used by the (possibly local) DNS toolset.
HTH,Len

 

     On Tuesday, February 3, 2015 11:47 AM, Linux Addict <linuxaddict7 at gmail.com> wrote:
   

 Actually I tried +trace from BIND server itself and still get the same answer. I did "dig . +trace @localhost"

; <<>> DiG 9.7.0-P1 <<>> . +trace @localhost;; global options: +cmd.                       346239  IN      NS      i.root-servers.new..                       346239  IN      NS      c.root-servers.new..                       346239  IN      NS      b.root-servers.new..                       346239  IN      NS      e.root-servers.new..                       346239  IN      NS      d.root-servers.new..                       346239  IN      NS      l.root-servers.new..                       346239  IN      NS      f.root-servers.new..                       346239  IN      NS      j.root-servers.new..                       346239  IN      NS      h.root-servers.new..                       346239  IN      NS      k.root-servers.new..                       346239  IN      NS      m.root-servers.new..                       346239  IN      NS      g.root-servers.new.;; Received 405 bytes from localhost#53(localhost) in 1 ms

On Tue, Feb 3, 2015 at 2:19 PM, Lyle Giese <lyle at lcrcomputer.net> wrote:

   172.27.254.11 is giving you that info with the .new name servers.  You need to ask whomever manages that server.
 
 Look at this line from your +trace output:
 
 Received 405 bytes from 172.27.254.11#53(172.27.254.11) in 1 ms
 
 Lyle
 
 On 2/3/2015 1:13 PM, Linux Addict wrote:
  
  Additional info - general: warning: checkhints: unable to find root NS 'b.root-servers.new' in hints 
   ​I cant seem to find where the ".new" coming from...​ 
   
 On Tue, Feb 3, 2015 at 2:07 PM, Linux Addict <linuxaddict7 at gmail.com> wrote:
 
  The named.ca seems good. 
   ;; ANSWER SECTION: .                       518400  IN      NS      C.ROOT-SERVERS.NET. .                       518400  IN      NS      I.ROOT-SERVERS.NET. .                       518400  IN      NS      F.ROOT-SERVERS.NET. .                       518400  IN      NS      B.ROOT-SERVERS.NET. .                       518400  IN      NS      L.ROOT-SERVERS.NET. .                       518400  IN      NS      D.ROOT-SERVERS.NET. .                       518400  IN      NS      J.ROOT-SERVERS.NET. .                       518400  IN      NS      K.ROOT-SERVERS.NET. .                       518400  IN      NS      E.ROOT-SERVERS.NET. .                       518400  IN      NS      A.ROOT-SERVERS.NET. .                       518400  IN      NS      M.ROOT-SERVERS.NET. .                       518400  IN      NS      G.ROOT-SERVERS.NET. .                       518400  IN      NS      H.ROOT-SERVERS.NET. 
  
      
 On Tue, Feb 3, 2015 at 2:02 PM, Lyle Giese <lyle at lcrcomputer.net> wrote:
 
  If I remember right, DIG does not know the root servers and asks the local host to retrieve that information and a server at  172.27.254.11(which is RFC 1918 address space) gave you that answer.
 
 Is your machine/shop setup with private root servers?
 
 Lyle  
 
 On 2/3/2015 12:50 PM, Linux Addict wrote:
    
    I do dig . +trace and the results seem show .new servers. This is causing SERVFAIL for root query. Any ideas? 
    dig . +trace 
  ; <<>> DiG 9.7.0-P1 <<>> . +trace ;; global options: +cmd .                       348510  IN      NS      b.root-servers.new. .                       348510  IN      NS      h.root-servers.new. .                       348510  IN      NS      l.root-servers.new. .                       348510  IN      NS      f.root-servers.new. .                       348510  IN      NS      m.root-servers.new. .                       348510  IN      NS      k.root-servers.new. .                       348510  IN      NS      i.root-servers.new. .                       348510  IN      NS      e.root-servers.new. .                       348510  IN      NS      g.root-servers.new. .                       348510  IN      NS      j.root-servers.new. .                       348510  IN      NS      c.root-servers.new. .                       348510  IN      NS      d.root-servers.new. ;; Received 405 bytes from 172.27.254.11#53(172.27.254.11) in 1 ms 
  ;; connection timed out; no servers could be reached 
    
  
   _______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users 
 
  
 _______________________________________________
 Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
 
 bind-users mailing list
 bind-users at lists.isc.org
 https://lists.isc.org/mailman/listinfo/bind-users
 
  
    
  
  
 
 
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users



_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20150203/70f0c77c/attachment-0001.html>

More information about the bind-users mailing list