Why "dig foo" fails but "dig +trace foo" succeeds?

Mark Andrews Mark_Andrews at isc.org
Wed Nov 17 05:16:25 UTC 2004


> Is there anyone who can explain this behavior to me?
> 
>   # dig www.powweb.com
>    <...waits patiently...>
>   ; <<>> DiG 9.2.4rc6 <<>> www.powweb.com
>   ;; global options:  printcmd
>   ;; connection timed out; no servers could be reached
>   #

	Firstly you should not be running 9.2.4rc6 as 9.2.4 is
	available.

	Next you want to eliminate a broken/misconfigured firewall
	from the problem space.  You should be able to get a answer
	to both of these queries.  If you don't you need to fix your
	firewall to handle EDNS queries.
	
		dig +bufsiz=4096 www.powweb.com @a.root-servers.net
		dig www.powweb.com @a.root-servers.net

	Referrals to the COM/NET servers from the root servers now
	exceed 512 octets using EDNS.

	You can workaround this by using the following in 9.3.0.

		options { edns-udp-size 512; };

	After that do one of the following:
	* get IPv6 connectivity
	* rebuild without IPv6 disabled (configure --disable-ipv6)
	* upgrade to 9.3.0 and run 'named -4'
	  (runtime equivalent to configure --disable-ipv6).

	The RTT estimates for the IPv6 addresses for A.GTLD-SERVERS.NET
	and B.GTLD-SERVERS.NET are not being penalised on network/host
	unreachable causing the initial lookups for COM/NET names
	to timeout as these addresses get lower and lower RTT estimates.
	This will be fixed in 9.3.1/9.2.5.

	If after doing all that you still have problems post packet
	traces.

>   # dig +trace www.powweb.com
> 
>   ; <<>> DiG 9.2.4rc6 <<>> +trace www.powweb.com
>   ;; global options:  printcmd
>   .                       502538  IN      NS      K.ROOT-SERVERS.NET.
>   .                       502538  IN      NS      L.ROOT-SERVERS.NET.
>   .                       502538  IN      NS      M.ROOT-SERVERS.NET.
>   .                       502538  IN      NS      A.ROOT-SERVERS.NET.
>   .                       502538  IN      NS      B.ROOT-SERVERS.NET.
>   .                       502538  IN      NS      C.ROOT-SERVERS.NET.
>   .                       502538  IN      NS      D.ROOT-SERVERS.NET.
>   .                       502538  IN      NS      E.ROOT-SERVERS.NET.
>   .                       502538  IN      NS      F.ROOT-SERVERS.NET.
>   .                       502538  IN      NS      G.ROOT-SERVERS.NET.
>   .                       502538  IN      NS      H.ROOT-SERVERS.NET.
>   .                       502538  IN      NS      I.ROOT-SERVERS.NET.
>   .                       502538  IN      NS      J.ROOT-SERVERS.NET.
>   ;; Received 372 bytes from 147.160.1.6#53(147.160.1.6) in 1 ms
>  
>   com.                    172800  IN      NS      a.gtld-servers.net.
>   com.                    172800  IN      NS      g.gtld-servers.net.
>   com.                    172800  IN      NS      h.gtld-servers.net.
>   com.                    172800  IN      NS      c.gtld-servers.net.
>   com.                    172800  IN      NS      i.gtld-servers.net.
>   com.                    172800  IN      NS      b.gtld-servers.net.
>   com.                    172800  IN      NS      d.gtld-servers.net.
>   com.                    172800  IN      NS      l.gtld-servers.net.
>   com.                    172800  IN      NS      f.gtld-servers.net.
>   com.                    172800  IN      NS      j.gtld-servers.net.
>   com.                    172800  IN      NS      k.gtld-servers.net.
>   com.                    172800  IN      NS      e.gtld-servers.net.
>   com.                    172800  IN      NS      m.gtld-servers.net.
>   ;; Received 504 bytes from 193.0.14.129#53(K.ROOT-SERVERS.NET) in 87 ms
>  
>   powweb.com.             172800  IN      NS      ns2.powweb.com.
>   powweb.com.             172800  IN      NS      ns3.powweb.com.
>   ;; Received 100 bytes from 192.5.6.30#53(a.gtld-servers.net) in 22 ms
>  
>   www.powweb.com.         3600    IN      A       66.152.97.130
>   powweb.com.             3600    IN      NS      ns3.powweb.com.
>   powweb.com.             3600    IN      NS      ns2.powweb.com.
>   ;; Received 116 bytes from 66.152.97.4#53(ns2.powweb.com) in 81 ms
>  
> If it matters, this is on RHEL 3.0.
> 
> 
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org



More information about the bind-users mailing list