DIG Info Request
Linux Addict
linuxaddict7 at gmail.com
Tue Feb 3 20:05:20 UTC 2015
There was nothing changed on the system since 2012. The behavior changed
all of sudden. I am just curious where dig got root servers like "
b.root-servers.new.".
On Tue, Feb 3, 2015 at 2:56 PM, Leonard Mills <lenm at yahoo.com> wrote:
> >Let me take a step back. The original problem is "dig ."
> > would give SERVFAIL instead of NOERROR.
> >The "." is pointed to named.ca which looks normal.
>
> Without source code changes to your tools and/or replacement
> hints files "." invariably points to the root servers to be used by the
> (possibly local) DNS toolset.
>
> HTH,
> Len
>
>
>
> On Tuesday, February 3, 2015 11:47 AM, Linux Addict <
> linuxaddict7 at gmail.com> wrote:
>
>
> Actually I tried +trace from BIND server itself and still get the same
> answer. I did "dig . +trace @localhost"
>
>
> ; <<>> DiG 9.7.0-P1 <<>> . +trace @localhost
> ;; global options: +cmd
> . 346239 IN NS i.root-servers.new.
> . 346239 IN NS c.root-servers.new.
> . 346239 IN NS b.root-servers.new.
> . 346239 IN NS e.root-servers.new.
> . 346239 IN NS d.root-servers.new.
> . 346239 IN NS l.root-servers.new.
> . 346239 IN NS f.root-servers.new.
> . 346239 IN NS j.root-servers.new.
> . 346239 IN NS h.root-servers.new.
> . 346239 IN NS k.root-servers.new.
> . 346239 IN NS m.root-servers.new.
> . 346239 IN NS g.root-servers.new.
> ;; Received 405 bytes from localhost#53(localhost) in 1 ms
>
>
> On Tue, Feb 3, 2015 at 2:19 PM, Lyle Giese <lyle at lcrcomputer.net> wrote:
>
> 172.27.254.11 is giving you that info with the .new name servers. You
> need to ask whomever manages that server.
>
> Look at this line from your +trace output:
>
> Received 405 bytes from 172.27.254.11#53(172.27.254.11) in 1 ms
>
> Lyle
>
>
> On 2/3/2015 1:13 PM, Linux Addict wrote:
>
> Additional info - general: warning: checkhints: unable to find root NS
> 'b.root-servers.new' in hints
>
> I cant seem to find where the ".new" coming from...
>
>
> On Tue, Feb 3, 2015 at 2:07 PM, Linux Addict <linuxaddict7 at gmail.com>
> wrote:
>
> The named.ca seems good.
>
> ;; ANSWER SECTION:
> . 518400 IN NS C.ROOT-SERVERS.NET
> <http://c.root-servers.net/>.
> . 518400 IN NS I.ROOT-SERVERS.NET
> <http://i.root-servers.net/>.
> . 518400 IN NS F.ROOT-SERVERS.NET
> <http://f.root-servers.net/>.
> . 518400 IN NS B.ROOT-SERVERS.NET
> <http://b.root-servers.net/>.
> . 518400 IN NS L.ROOT-SERVERS.NET
> <http://l.root-servers.net/>.
> . 518400 IN NS D.ROOT-SERVERS.NET
> <http://d.root-servers.net/>.
> . 518400 IN NS J.ROOT-SERVERS.NET
> <http://j.root-servers.net/>.
> . 518400 IN NS K.ROOT-SERVERS.NET
> <http://k.root-servers.net/>.
> . 518400 IN NS E.ROOT-SERVERS.NET
> <http://e.root-servers.net/>.
> . 518400 IN NS A.ROOT-SERVERS.NET
> <http://a.root-servers.net/>.
> . 518400 IN NS M.ROOT-SERVERS.NET
> <http://m.root-servers.net/>.
> . 518400 IN NS G.ROOT-SERVERS.NET
> <http://g.root-servers.net/>.
> . 518400 IN NS H.ROOT-SERVERS.NET
> <http://h.root-servers.net/>.
>
>
>
> On Tue, Feb 3, 2015 at 2:02 PM, Lyle Giese <lyle at lcrcomputer.net> wrote:
>
> If I remember right, DIG does not know the root servers and asks the
> local host to retrieve that information and a server at 172.27.254.11(which
> is RFC 1918 address space) gave you that answer.
>
> Is your machine/shop setup with private root servers?
>
> Lyle
>
>
> On 2/3/2015 12:50 PM, Linux Addict wrote:
>
> I do dig . +trace and the results seem show .new servers. This is
> causing SERVFAIL for root query. Any ideas?
>
> dig . +trace
>
> ; <<>> DiG 9.7.0-P1 <<>> . +trace
> ;; global options: +cmd
> . 348510 IN NS b.root-servers.new.
> . 348510 IN NS h.root-servers.new.
> . 348510 IN NS l.root-servers.new.
> . 348510 IN NS f.root-servers.new.
> . 348510 IN NS m.root-servers.new.
> . 348510 IN NS k.root-servers.new.
> . 348510 IN NS i.root-servers.new.
> . 348510 IN NS e.root-servers.new.
> . 348510 IN NS g.root-servers.new.
> . 348510 IN NS j.root-servers.new.
> . 348510 IN NS c.root-servers.new.
> . 348510 IN NS d.root-servers.new.
> ;; Received 405 bytes from 172.27.254.11#53(172.27.254.11) in 1 ms
>
> ;; connection timed out; no servers could be reached
>
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing listbind-users at lists.isc.orghttps://lists.isc.org/mailman/listinfo/bind-users
>
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
>
>
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20150203/a1644fea/attachment-0001.html>
More information about the bind-users
mailing list