Question about dig command

Khuu, Linh MicroTech Linh.Khuu at ssa.gov
Fri Feb 26 13:37:21 UTC 2010


Thanks Stephane!!! Adding ::1 in the ACL did the trick.

Linh Khuu

-----Original Message-----
From: Stephane Bortzmeyer [mailto:bortzmeyer at nic.fr] 
Sent: Thursday, February 25, 2010 11:09 AM
To: Khuu, Linh MicroTech
Cc: 'bind-users at lists.isc.org'
Subject: Re: Question about dig command

On Thu, Feb 25, 2010 at 10:58:49AM -0500,
 Khuu, Linh   MicroTech <Linh.Khuu at ssa.gov> wrote 
 a message of 54 lines which said:

> client ::1#33086: query (cache) 'dnssec12.datamtn.com/AAAA/IN' denied
> 
> Then I switched to use the ???dig??? command from 9.4.1-P1 to query the same AAAA record, I got result nicely.

Possible reason: the recent dig can use IPv6 *transport* (talking to
the server with IPv6, not just asking IPv6 *data*). But may be ::1
(localhost in IPv6) is not authorized by your name server. Check the
ACL, try dig with -4 (or @127.0.0.1), etc.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 183 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20100226/953a610c/attachment.bin>


More information about the bind-users mailing list