Queries regarding forwarders
Blason R
blason16 at gmail.com
Wed Aug 8 14:02:56 UTC 2018
Hi there,
I am bit confused about DNS forwarders. I have two BIND Servers one is
being used as Authoritative DNS server which has forwarder set to other
server like this
Auth Server for xvyz.com 192.168.3.15
Recursive Server 192.168.3.44
Now if I am debugging from client side using -debug option I see
192.168.3.15 is directly resolving with ROOT DNS Servers though I have
recursive no; option set in my BIND config. Ideally the query should have
gone to 192.168.3.44 but in debug I am seeing the below output.
Well how do I trace if forwarding is happening?
************************
C:\Users\Administrator>nslookup -type=a -debug www.cisco.com
------------
Got answer:
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion
questions = 1, answers = 1, authority records = 2, additional
QUESTIONS:
15.3.168.192.in-addr.arpa, type = PTR, class = IN
ANSWERS:
-> 15.3.168.192.in-addr.arpa
name = dns.xyz.com
ttl = 10800 (3 hours)
AUTHORITY RECORDS:
-> 3.168.192.in-addr.arpa
nameserver = dns02.xyz.com
ttl = 10800 (3 hours)
-> 3.168.192.in-addr.arpa
nameserver = dns.xyz.com
ttl = 10800 (3 hours)
ADDITIONAL RECORDS:
-> dns.xyz.com
internet address = 192.168.3.15
ttl = 10800 (3 hours)
-> dns02.xyz.com
internet address = 192.168.3.14
ttl = 10800 (3 hours)
------------
Server: dns.xyz.com
Address: 192.168.3.15
------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 5, authority records = 13, additiona
QUESTIONS:
www.cisco.com, type = A, class = IN
ANSWERS:
-> www.cisco.com
canonical name = www.cisco.com.akadns.net
ttl = 838 (13 mins 58 secs)
-> www.cisco.com.akadns.net
canonical name = wwwds.cisco.com.edgekey.net
ttl = 299 (4 mins 59 secs)
-> wwwds.cisco.com.edgekey.net
canonical name = wwwds.cisco.com.edgekey.net.globalredir.akadns.
ttl = 14531 (4 hours 2 mins 11 secs)
-> wwwds.cisco.com.edgekey.net.globalredir.akadns.net
canonical name = e2867.dsca.akamaiedge.net
ttl = 3599 (59 mins 59 secs)
-> e2867.dsca.akamaiedge.net
internet address = 23.57.126.108
ttl = 19 (19 secs)
AUTHORITY RECORDS:
-> net
nameserver = a.gtld-servers.net
ttl = 4663 (1 hour 17 mins 43 secs)
-> net
nameserver = l.gtld-servers.net
ttl = 4663 (1 hour 17 mins 43 secs)
-> net
nameserver = e.gtld-servers.net
ttl = 4663 (1 hour 17 mins 43 secs)
-> net
nameserver = i.gtld-servers.net
ttl = 4663 (1 hour 17 mins 43 secs)
-> net
nameserver = d.gtld-servers.net
ttl = 4663 (1 hour 17 mins 43 secs)
-> net
nameserver = f.gtld-servers.net
ttl = 4663 (1 hour 17 mins 43 secs)
-> net
nameserver = b.gtld-servers.net
ttl = 4663 (1 hour 17 mins 43 secs)
-> net
nameserver = h.gtld-servers.net
ttl = 4663 (1 hour 17 mins 43 secs)
-> net
nameserver = g.gtld-servers.net
ttl = 4663 (1 hour 17 mins 43 secs)
-> net
nameserver = c.gtld-servers.net
ttl = 4663 (1 hour 17 mins 43 secs)
-> net
nameserver = k.gtld-servers.net
ttl = 4663 (1 hour 17 mins 43 secs)
-> net
nameserver = j.gtld-servers.net
ttl = 4663 (1 hour 17 mins 43 secs)
-> net
nameserver = m.gtld-servers.net
ttl = 4663 (1 hour 17 mins 43 secs)
ADDITIONAL RECORDS:
-> m.gtld-servers.net
internet address = 192.55.83.30
ttl = 103500 (1 day 4 hours 45 mins)
-> m.gtld-servers.net
AAAA IPv6 address = 2001:501:b1f9::30
ttl = 163960 (1 day 21 hours 32 mins 40 secs)
-> d.gtld-servers.net
internet address = 192.31.80.30
ttl = 77579 (21 hours 32 mins 59 secs)
------------
Non-authoritative answer:
Name: e2867.dsca.akamaiedge.net
Address: 23.57.126.108
Aliases: www.cisco.com
www.cisco.com.akadns.net
wwwds.cisco.com.edgekey.net
wwwds.cisco.com.edgekey.net.globalredir.akadns.net
C:\Users\Administrator>
**************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180808/5e29abd6/attachment.html>
More information about the bind-users
mailing list