trouble resolving names in GOV.
Bennett, Steve
s.bennett at lancaster.ac.uk
Tue Feb 1 15:57:35 UTC 2005
Hi Kevin, thanks for the reply...
> > 2b) find "nih.gov" nameservers:
> > $dig @a.gov.zoneedit.com. ns nih.gov.
> >
> > ; <<>> DiG 9.3.0 <<>> @a.gov.zoneedit.com. ns nih.gov.
> > ;; global options: printcmd
> >
> >Shouldn't 2b return the list of nameservers for the domain=20
> "nih.gov"? If not, why not?
> >
> I assume, since you truncated the output, that you got some sort of=20
> timeout for the 2b query. What happens if you try some of the other=20
> nameservers for .gov? Do they all timeout? If so, look at your=20
> networking/firewall configuration.
No, I've not truncated the output, there's no timeout, and I don't
believe that there's any problem with network or firewall configuration.
I have the following in my .digrc to make the responses clearer:
+nocomments
+noquestion
+noadditional
+noauthority
+nostats
i.e. I want dig to just tell me the answer to the question. I think this
is the point about the problem I think I can see in .gov
> That query comes back just fine for me:
>=20
> % dig @a.gov.zoneedit.com ns nih.gov
>=20
> ; <<>> DiG 9.2.2rc1 <<>> @a.gov.zoneedit.com ns nih.gov
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64671
> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 3, ADDITIONAL: 3
^^^^^^^^^
That's the point though: "ANSWER:0" - the .gov nameservers are not
answering the question, they are just saying where to go to get the
authoritative answer to the question.
As I understand it, the .gov nameservers don't seem to have the glue
entries to give the answer, and for some reason, BIND v9.3.0 (at least,
the copy that I'm running) isn't picking up the answers in the
"additional" section.
Steve.
More information about the bind-users
mailing list