No subject
Diego Garcia
diegargon at gmail.com
Tue Jan 11 18:29:28 UTC 2022
Hello
This days i got a strange behavior in my network/bind server.
Each 20/30 minutes and lasting about 5 minutes i got 'timeout' in bind
querys. After that time everything works fine again.
My bind server got response (from 0.1 to 2 seconds) but reply with a ICMP
'port unreachable'.
Any idea the problem or what i can check?
Firewall is off while testing.
My bind server is a NAT router.
I install bind in other server (VM with debian), default config, i got same
problem, seems something wrong in the nat router perhaps?
But the only problem seems in bind/udp querys
The server is running latest Ubuntu Server LTS 20.04.03 , doing
Nat/Firewall, DHCP Server and DNS server. Nothing more, no X.
It's a J1800 (dual core) 4GB ram.
I ask in servfault too
https://serverfault.com/questions/1089585/bind-timeout-and-icmp-reply-port-unreachable
thanks
ICMP msg
```
Frame 4701: 150 bytes on wire (1200 bits), 150 bytes captured (1200 bits)
Encapsulation type: Ethernet (1)
Arrival Time: Jan 9, 2022 23:06:50.500852000 Hora estándar romance
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1641766010.500852000 seconds
[Time delta from previous captured frame: 0.006536000 seconds]
[Time delta from previous displayed frame: 0.006536000 seconds]
[Time since reference or first frame: 14.917496000 seconds]
Frame Number: 4701
Frame Length: 150 bytes (1200 bits)
Capture Length: 150 bytes (1200 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: MitraSta_a5:80:e3 (e4:ab:89:a5:80:e3), Dst:
ASUSTekC_85:b5:f6 (78:24:af:85:b5:f6)
Destination: ASUSTekC_85:b5:f6 (78:24:af:85:b5:f6)
Address: ASUSTekC_85:b5:f6 (78:24:af:85:b5:f6)
.... ..0. .... .... .... .... = LG bit: Globally unique address
(factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Source: MitraSta_a5:80:e3 (e4:ab:89:a5:80:e3)
Address: MitraSta_a5:80:e3 (e4:ab:89:a5:80:e3)
.... ..0. .... .... .... .... = LG bit: Globally unique address
(factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 216.239.34.10, Dst: 192.168.100.10
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable
Transport (0)
Total Length: 136
Identification: 0x0000 (0)
Flags: 0x40, Don't fragment
0... .... = Reserved bit: Not set
.1.. .... = Don't fragment: Set
..0. .... = More fragments: Not set
...0 0000 0000 0000 = Fragment Offset: 0
Time to Live: 64
Protocol: UDP (17)
Header Checksum: 0x1ab9 [validation disabled]
[Header checksum status: Unverified]
Source Address: 216.239.34.10
Destination Address: 192.168.100.10
User Datagram Protocol, Src Port: domain (53), Dst Port: 57160 (57160)
Source Port: domain (53)
Destination Port: 57160 (57160)
Length: 116
Checksum: 0x168c [unverified]
[Checksum Status: Unverified]
[Stream index: 141]
[Timestamps]
[Time since first frame: 2.003007000 seconds]
[Time since previous frame: 2.003007000 seconds]
UDP payload (108 bytes)
Domain Name System (response)
Transaction ID: 0x187b
Flags: 0x8400 Standard query response, No error
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .1.. .... .... = Authoritative: Server is an authority for
domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...0 .... .... = Recursion desired: Don't do query recursively
.... .... 0... .... = Recursion available: Server can't do
recursive queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority
portion was not authenticated by the server
.... .... ...0 .... = Non-authenticated data: Unacceptable
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 2
Authority RRs: 0
Additional RRs: 1
Queries
rr5---sn-h5q7kned.googlevideo.com: type A, class IN
Name: rr5---sn-h5q7kned.googlevideo.com
[Name Length: 33]
[Label Count: 3]
Type: A (Host Address) (1)
Class: IN (0x0001)
Answers
rr5---sn-h5q7kned.googlevideo.com: type CNAME, class IN, cname
rr5.sn-h5q7kned.googlevideo.com
Name: rr5---sn-h5q7kned.googlevideo.com
Type: CNAME (Canonical NAME for an alias) (5)
Class: IN (0x0001)
Time to live: 1800 (30 minutes)
Data length: 18
CNAME: rr5.sn-h5q7kned.googlevideo.com
rr5.sn-h5q7kned.googlevideo.com: type A, class IN, addr
74.125.97.170
Name: rr5.sn-h5q7kned.googlevideo.com
Type: A (Host Address) (1)
Class: IN (0x0001)
Time to live: 1800 (30 minutes)
Data length: 4
Address: 74.125.97.170
Additional records
<Root>: type OPT
Name: <Root>
Type: OPT (41)
UDP payload size: 512
Higher bits in extended RCODE: 0x00
EDNS0 version: 0
Z: 0x8000
1... .... .... .... = DO bit: Accepts DNSSEC security RRs
.000 0000 0000 0000 = Reserved: 0x0000
Data length: 0
[Request In: 3493]
[Time: 2.003007000 seconds]
```
Dig trace:
```
:~# dig +trace amazon.com
; <<>> DiG 9.16.1-Ubuntu <<>> +trace amazon.com
;; global options: +cmd
. 456882 IN NS i.root-servers.net.
. 456882 IN NS e.root-servers.net.
. 456882 IN NS m.root-servers.net.
. 456882 IN NS k.root-servers.net.
. 456882 IN NS d.root-servers.net.
. 456882 IN NS c.root-servers.net.
. 456882 IN NS f.root-servers.net.
. 456882 IN NS b.root-servers.net.
. 456882 IN NS h.root-servers.net.
. 456882 IN NS g.root-servers.net.
. 456882 IN NS a.root-servers.net.
. 456882 IN NS j.root-servers.net.
. 456882 IN NS l.root-servers.net.
. 456882 IN RRSIG NS 8 0 518400
20220121050000 20220108040000 9799 .
e9YWOC6cu0v8YVSw1FGWDncBfB9RjuZtdoXRK2h7Hs0IJCuIoh8/feNa
WglnI0Rj1qAtijVdL3ZigCczpMcSUQ70wrw7vQrrjHqhEMouLbxEFFfn
XsRwzOKPH/VY9Dyiq9DXpIkSf55FbINFC6DxquaLoySFZIR4j9qi0Q/y
FL6yrN15qdK+UrYZynPw4XhAQaKtOrpeY86mrGNRJuTFQpQ6Oewy8gXg
ElYCV+Uz7NDU+lDoQ3ibGI8/Cf2uXhpuTr+5PtSP9H0enxioOizAd6RB
2c241Ihpl729CgdBS9TmHGFRQY5/zHxI7fcadt6NTVX4YFDUIxMoaBu1 kl7lqw==
;; Received 1137 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 86400 IN DS 30909 8 2
E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
com. 86400 IN RRSIG DS 8 1 86400 20220122050000
20220109040000 9799 .
bhWI749uKdKgjNPqlww3pW5sr6EgRB6diE93HFnEHc8U3wME7YIZLfg5
04y9G0j400X4LaxuXcKyUEP/MXJ5kRhNX15top8yTQdTDqnV3OUcAr/O
q6+vaWe5RD1cxhdcAU7RQZ5tb1Qlri3wbN61Q+vxQUVw96eM5BEuFtY1
fsrTx7N3vI1g29Cq355bqx8lFAzqo1aVyl+LfbY8FWK3ctNzCLj/zS/P
+BrdiWFZSo/uA24GcLvm5GAVFTKcWYKNEN4E9S9SzP7QDzEaZppEtNca
+5tTGEgVRoWp+3kBepOicIGgS49HPa9Z8hYgvWH6teWVKl0AaqIuN1h1 k649vw==
;; Received 1170 bytes from 202.12.27.33#53(m.root-servers.net) in 2003 ms
;; connection timed out; no servers could be reached
amazon.com. 172800 IN NS pdns1.ultradns.net.
amazon.com. 172800 IN NS pdns6.ultradns.co.uk.
amazon.com. 172800 IN NS ns1.p31.dynect.net.
amazon.com. 172800 IN NS ns3.p31.dynect.net.
amazon.com. 172800 IN NS ns2.p31.dynect.net.
amazon.com. 172800 IN NS ns4.p31.dynect.net.
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 -
CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400
20220115052319 20220108041319 15549 com.
OK9Cv/IlCWwV/+Gw9bPv+ZhLKT1TvH2Mc+744BLp1B1GdZYPuAX+6PyY
40a3XZYclEMg4LzD1Z3d0XDuGWuowyY/Z2VdI6xhsuyZDDe+jBlpCXSm
WqkyNxzzREI2CNJpLxoiaZNGE/l5U7tQsDoNDpN6Dx5xfivdZzGSoCBw
kHVI4ejE59rCWQtMiUtbtxMODk0B71xhzyk34klfTF4L0g==
K200N9823U36O5350KVKEPPT50VH753L.com. 86400 IN NSEC3 1 1 0 -
K201DAGIUALSSFGADN4DHE7N9Q0IROJ1 NS DS RRSIG
K200N9823U36O5350KVKEPPT50VH753L.com. 86400 IN RRSIG NSEC3 8 2 86400
20220116063849 20220109052849 15549 com.
Z+FyFoFUory4FI6bQQ2MB0hlIqdMkhQfSXaBxE32UoGjqVNQCfB1LrJM
X/M5xjkkXyS7qcN7jhPbxAlUhR7OT+ILtIhRweqD34ElHqyKFeMzGvaY
TeMQGk9vXqqMVTkYsZwKoao+uJzC5RQb5AVnG2TGJBH45/lrkgWSXaa6
lQJGrfDUQTYet1AwKLuEupbZGxYNOr2X+QxOIDbxpACYcg==
couldn't get address for 'pdns1.ultradns.net': failure
couldn't get address for 'pdns6.ultradns.co.uk': failure
couldn't get address for 'ns1.p31.dynect.net': failure
couldn't get address for 'ns3.p31.dynect.net': failure
couldn't get address for 'ns2.p31.dynect.net': failure
couldn't get address for 'ns4.p31.dynect.net': failure
dig: couldn't get address for 'pdns1.ultradns.net': no more
```
Capture Query packet:
```
Frame 3493: 116 bytes on wire (928 bits), 116 bytes captured (928 bits)
Encapsulation type: Ethernet (1)
Arrival Time: Jan 9, 2022 23:06:48.497845000 Hora estándar romance
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1641766008.497845000 seconds
[Time delta from previous captured frame: 0.000151000 seconds]
[Time delta from previous displayed frame: 0.000151000 seconds]
[Time since reference or first frame: 12.914489000 seconds]
Frame Number: 3493
Frame Length: 116 bytes (928 bits)
Capture Length: 116 bytes (928 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: ASUSTekC_85:b5:f6 (78:24:af:85:b5:f6), Dst:
MitraSta_a5:80:e3 (e4:ab:89:a5:80:e3)
Destination: MitraSta_a5:80:e3 (e4:ab:89:a5:80:e3)
Address: MitraSta_a5:80:e3 (e4:ab:89:a5:80:e3)
.... ..0. .... .... .... .... = LG bit: Globally unique address
(factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Source: ASUSTekC_85:b5:f6 (78:24:af:85:b5:f6)
Address: ASUSTekC_85:b5:f6 (78:24:af:85:b5:f6)
.... ..0. .... .... .... .... = LG bit: Globally unique address
(factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 192.168.100.10, Dst: 216.239.34.10
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable
Transport (0)
Total Length: 102
Identification: 0x5c40 (23616)
Flags: 0x00
0... .... = Reserved bit: Not set
.0.. .... = Don't fragment: Not set
..0. .... = More fragments: Not set
...0 0000 0000 0000 = Fragment Offset: 0
Time to Live: 63
Protocol: UDP (17)
Header Checksum: 0xff9a [validation disabled]
[Header checksum status: Unverified]
Source Address: 192.168.100.10
Destination Address: 216.239.34.10
User Datagram Protocol, Src Port: 57160 (57160), Dst Port: domain (53)
Source Port: 57160 (57160)
Destination Port: domain (53)
Length: 82
Checksum: 0x7954 [unverified]
[Checksum Status: Unverified]
[Stream index: 141]
[Timestamps]
[Time since first frame: 0.000000000 seconds]
[Time since previous frame: 0.000000000 seconds]
UDP payload (74 bytes)
Domain Name System (query)
Transaction ID: 0x187b
Flags: 0x0000 Standard query
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...0 .... .... = Recursion desired: Don't do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 1
Queries
rr5---sn-h5q7kned.googlevideo.com: type A, class IN
Name: rr5---sn-h5q7kned.googlevideo.com
[Name Length: 33]
[Label Count: 3]
Type: A (Host Address) (1)
Class: IN (0x0001)
Additional records
<Root>: type OPT
Name: <Root>
Type: OPT (41)
UDP payload size: 512
Higher bits in extended RCODE: 0x00
EDNS0 version: 0
Z: 0x8000
1... .... .... .... = DO bit: Accepts DNSSEC security RRs
.000 0000 0000 0000 = Reserved: 0x0000
Data length: 12
Option: COOKIE
Option Code: COOKIE (10)
Option Length: 8
Option Data: 3377c5438c5ee4da
Client Cookie: 3377c5438c5ee4da
Server Cookie: <MISSING>
[Response In: 4701]
```
The response:
```
Frame 4701: 150 bytes on wire (1200 bits), 150 bytes captured (1200 bits)
Encapsulation type: Ethernet (1)
Arrival Time: Jan 9, 2022 23:06:50.500852000 Hora estándar romance
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1641766010.500852000 seconds
[Time delta from previous captured frame: 0.006536000 seconds]
[Time delta from previous displayed frame: 0.006536000 seconds]
[Time since reference or first frame: 14.917496000 seconds]
Frame Number: 4701
Frame Length: 150 bytes (1200 bits)
Capture Length: 150 bytes (1200 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: MitraSta_a5:80:e3 (e4:ab:89:a5:80:e3), Dst:
ASUSTekC_85:b5:f6 (78:24:af:85:b5:f6)
Destination: ASUSTekC_85:b5:f6 (78:24:af:85:b5:f6)
Address: ASUSTekC_85:b5:f6 (78:24:af:85:b5:f6)
.... ..0. .... .... .... .... = LG bit: Globally unique address
(factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Source: MitraSta_a5:80:e3 (e4:ab:89:a5:80:e3)
Address: MitraSta_a5:80:e3 (e4:ab:89:a5:80:e3)
.... ..0. .... .... .... .... = LG bit: Globally unique address
(factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 216.239.34.10, Dst: 192.168.100.10
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable
Transport (0)
Total Length: 136
Identification: 0x0000 (0)
Flags: 0x40, Don't fragment
0... .... = Reserved bit: Not set
.1.. .... = Don't fragment: Set
..0. .... = More fragments: Not set
...0 0000 0000 0000 = Fragment Offset: 0
Time to Live: 64
Protocol: UDP (17)
Header Checksum: 0x1ab9 [validation disabled]
[Header checksum status: Unverified]
Source Address: 216.239.34.10
Destination Address: 192.168.100.10
User Datagram Protocol, Src Port: domain (53), Dst Port: 57160 (57160)
Source Port: domain (53)
Destination Port: 57160 (57160)
Length: 116
Checksum: 0x168c [unverified]
[Checksum Status: Unverified]
[Stream index: 141]
[Timestamps]
[Time since first frame: 2.003007000 seconds]
[Time since previous frame: 2.003007000 seconds]
UDP payload (108 bytes)
Domain Name System (response)
Transaction ID: 0x187b
Flags: 0x8400 Standard query response, No error
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .1.. .... .... = Authoritative: Server is an authority for
domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...0 .... .... = Recursion desired: Don't do query recursively
.... .... 0... .... = Recursion available: Server can't do
recursive queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority
portion was not authenticated by the server
.... .... ...0 .... = Non-authenticated data: Unacceptable
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 2
Authority RRs: 0
Additional RRs: 1
Queries
rr5---sn-h5q7kned.googlevideo.com: type A, class IN
Name: rr5---sn-h5q7kned.googlevideo.com
[Name Length: 33]
[Label Count: 3]
Type: A (Host Address) (1)
Class: IN (0x0001)
Answers
rr5---sn-h5q7kned.googlevideo.com: type CNAME, class IN, cname
rr5.sn-h5q7kned.googlevideo.com
Name: rr5---sn-h5q7kned.googlevideo.com
Type: CNAME (Canonical NAME for an alias) (5)
Class: IN (0x0001)
Time to live: 1800 (30 minutes)
Data length: 18
CNAME: rr5.sn-h5q7kned.googlevideo.com
rr5.sn-h5q7kned.googlevideo.com: type A, class IN, addr
74.125.97.170
Name: rr5.sn-h5q7kned.googlevideo.com
Type: A (Host Address) (1)
Class: IN (0x0001)
Time to live: 1800 (30 minutes)
Data length: 4
Address: 74.125.97.170
Additional records
<Root>: type OPT
Name: <Root>
Type: OPT (41)
UDP payload size: 512
Higher bits in extended RCODE: 0x00
EDNS0 version: 0
Z: 0x8000
1... .... .... .... = DO bit: Accepts DNSSEC security RRs
.000 0000 0000 0000 = Reserved: 0x0000
Data length: 0
[Request In: 3493]
[Time: 2.003007000 seconds]
```
Query:
```
Frame 7: 118 bytes on wire (944 bits), 118 bytes captured (944 bits)
Ethernet II, Src: ASUSTekC_85:b5:f6 (78:24:af:85:b5:f6), Dst:
MitraSta_a5:80:e3 (e4:ab:89:a5:80:e3)
Internet Protocol Version 4, Src: 192.168.100.10, Dst: 204.61.217.1
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable
Transport (0)
Total Length: 104
Identification: 0x7c2b (31787)
Flags: 0x00
0... .... = Reserved bit: Not set
.0.. .... = Don't fragment: Not set
..0. .... = More fragments: Not set
...0 0000 0000 0000 = Fragment Offset: 0
Time to Live: 63
Protocol: UDP (17)
Header Checksum: 0x3568 [validation disabled]
[Header checksum status: Unverified]
Source Address: 192.168.100.10
Destination Address: 204.61.217.1
User Datagram Protocol, Src Port: 54743, Dst Port: 53
Source Port: 54743
Destination Port: 53
Length: 84
Checksum: 0xbc72 [unverified]
[Checksum Status: Unverified]
[Stream index: 4]
[Timestamps]
[Time since first frame: 0.000000000 seconds]
[Time since previous frame: 0.000000000 seconds]
UDP payload (76 bytes)
Domain Name System (query)
Transaction ID: 0xea2f
Flags: 0x0000 Standard query
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...0 .... .... = Recursion desired: Don't do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 1
Queries
translate.google.es: type A, class IN
Name: translate.google.es
[Name Length: 19]
[Label Count: 3]
Type: A (Host Address) (1)
Class: IN (0x0001)
Additional records
<Root>: type OPT
Name: <Root>
Type: OPT (41)
UDP payload size: 512
Higher bits in extended RCODE: 0x00
EDNS0 version: 0
Z: 0x8000
1... .... .... .... = DO bit: Accepts DNSSEC security RRs
.000 0000 0000 0000 = Reserved: 0x0000
Data length: 28
Option: COOKIE
Option Code: COOKIE (10)
Option Length: 24
Option Data:
033b488dccaa016bcaa914d061d9c4ad43d0d60bb5fed1b8
Client Cookie: 033b488dccaa016b
Server Cookie: caa914d061d9c4ad43d0d60bb5fed1b8
[Response In: 12]
```
Response:
```
Frame 12: 118 bytes on wire (944 bits), 118 bytes captured (944 bits)
Ethernet II, Src: MitraSta_a5:80:e3 (e4:ab:89:a5:80:e3), Dst:
ASUSTekC_85:b5:f6 (78:24:af:85:b5:f6)
Internet Protocol Version 4, Src: 204.61.217.1, Dst: 192.168.100.10
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable
Transport (0)
Total Length: 104
Identification: 0x0000 (0)
Flags: 0x40, Don't fragment
0... .... = Reserved bit: Not set
.1.. .... = Don't fragment: Set
..0. .... = More fragments: Not set
...0 0000 0000 0000 = Fragment Offset: 0
Time to Live: 64
Protocol: UDP (17)
Header Checksum: 0x7093 [validation disabled]
[Header checksum status: Unverified]
Source Address: 204.61.217.1
Destination Address: 192.168.100.10
User Datagram Protocol, Src Port: 53, Dst Port: 54743
Source Port: 53
Destination Port: 54743
Length: 84
Checksum: 0x37a2 [unverified]
[Checksum Status: Unverified]
[Stream index: 4]
[Timestamps]
[Time since first frame: 2.002658000 seconds]
[Time since previous frame: 2.002658000 seconds]
UDP payload (76 bytes)
Domain Name System (response)
Transaction ID: 0xea2f
Flags: 0x8200 Standard query response, No error
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for
domain
.... ..1. .... .... = Truncated: Message is truncated
.... ...0 .... .... = Recursion desired: Don't do query recursively
.... .... 0... .... = Recursion available: Server can't do
recursive queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority
portion was not authenticated by the server
.... .... ...0 .... = Non-authenticated data: Unacceptable
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 1
Queries
translate.google.es: type A, class IN
Name: translate.google.es
[Name Length: 19]
[Label Count: 3]
Type: A (Host Address) (1)
Class: IN (0x0001)
Additional records
<Root>: type OPT
Name: <Root>
Type: OPT (41)
UDP payload size: 4096
Higher bits in extended RCODE: 0x00
EDNS0 version: 0
Z: 0x8000
1... .... .... .... = DO bit: Accepts DNSSEC security RRs
.000 0000 0000 0000 = Reserved: 0x0000
Data length: 28
Option: COOKIE
Option Code: COOKIE (10)
Option Length: 24
Option Data:
033b488dccaa016bf503131061d9c8fa5e2a52a0e09bd815
Client Cookie: 033b488dccaa016b
Server Cookie: f503131061d9c8fa5e2a52a0e09bd815
[Request In: 7]
[Time: 2.002658000 seconds]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20220111/8726e611/attachment-0001.htm>
More information about the bind-users
mailing list