search directive in resolv.conf - only 2 domains searched

Chris Buxton chris.p.buxton at gmail.com
Thu Jan 14 12:04:42 UTC 2010


On Jan 14, 2010, at 5:47 AM, Andrew Swartzbaugh wrote:

> My resolver only does lookups for the first two domains specified by the search directive in the /etc/resolv.conf file.  For example, if I do a lookup of server1.eur.domain2.mil and domain2.mil is the second domain specified by the search directive, the query works.  However, if domain2.mil is the third domain specified by the search directive, the query fails.
> 
> This is behavior that has changed within the last two weeks on our Solaris
> 9 systems (the Solaris 10 systems still work).
> 
> The only explanation that I can think of is that the resolver libraries
> have changed and that the libraries were only compiled to look through the first 2 domains that are specified by the search directive.  Is this a possibility?  Where are the dns resolver libraries located on a Solaris 9 system?

nslookup is not a valid test of the behavior of the stub resolver. Can you demonstrate the problem with a method that actually sends a request to the stub resolver, such as 'ping server1'?

Chris Buxton

> srs-e1-swartzb(~)->uname -a
> SunOS srs-e1 5.9 Generic_122300-39 sun4u sparc SUNW,Sun-Fire-480R
> 
> srs-e1-swartzb(~)-> more /etc/resolv.conf
> search eur.dcn.domain1.mil eur.domain2.mil conus.dcn.domain1.mil 
> nameserver 10.99.5.18
> nameserver 10.99.5.25
> 
> srs-e1-swartzb(~)-> nslookup
> Default Server:  dns-e1.eur.dcn.domain1.mil
> Address:  10.99.5.18
> 
>> set d2
> 
> 
> QUERY #1 - successful!
> 
> 
>> server1
> Server:  dns-e1.eur.dcn.domain1.mil
> Address:  10.99.5.18
> 
> ;; res_nmkquery(QUERY, server1.eur.dcn.domain1.mil, IN, A)
> ------------
> SendRequest(), len 39
>    HEADER:
> 	opcode = QUERY, id = 36724, rcode = NOERROR
> 	header flags:  query, want recursion
> 	questions = 1,  answers = 0,  authority records = 0,  additional = 0
> 
>    QUESTIONS:
> 	server1.eur.dcn.domain1.mil, type = A, class = IN
> 
> ------------
> ------------
> Got answer (87 bytes):
>    HEADER:
> 	opcode = QUERY, id = 36724, rcode = NXDOMAIN
> 	header flags:  response, auth. answer, want recursion
> 	questions = 1,  answers = 0,  authority records = 1,  additional = 0
> 
>    QUESTIONS:
> 	server1.eur.dcn.domain1.mil, type = A, class = IN
>    AUTHORITY RECORDS:
>    ->  eur.dcn.domain1.mil
> 	type = SOA, class = IN, dlen = 36
> 	ttl = 86400 (1D)
> 	origin = dns-e1.eur.dcn.domain1.mil
> 	mail addr = root.dns-e1.eur.dcn.domain1.mil
> 	serial = 2010010803
> 	refresh = 86400 (1D)
> 	retry   = 7200 (2H)
> 	expire  = 1728000 (1728000)
> 	minimum ttl = 86400 (1D)
> 
> ------------
> ;; res_nmkquery(QUERY, server1.eur.domain2.mil, IN, A)
> ------------
> SendRequest(), len 35
>    HEADER:
> 	opcode = QUERY, id = 36725, rcode = NOERROR
> 	header flags:  query, want recursion
> 	questions = 1,  answers = 0,  authority records = 0,  additional = 0
> 
>    QUESTIONS:
> 	server1.eur.domain2.mil, type = A, class = IN
> 
> ------------
> ------------
> Got answer (138 bytes):
>    HEADER:
> 	opcode = QUERY, id = 36725, rcode = NOERROR
> 	header flags:  response, auth. answer, want recursion
> 	questions = 1,  answers = 1,  authority records = 2,  additional = 2
> 
>    QUESTIONS:
> 	server1.eur.domain2.mil, type = A, class = IN
>    ANSWERS:
>    ->  server1.eur.domain2.mil
> 	type = A, class = IN, dlen = 4
> 	internet address = 199.10.205.100
> 	ttl = 86400 (1D)
>    AUTHORITY RECORDS:
>    ->  eur.domain2.mil
> 	type = NS, class = IN, dlen = 22
> 	nameserver = dns-e2.eur.dcn.domain1.mil
> 	ttl = 86400 (1D)
>    ->  eur.domain2.mil
> 	type = NS, class = IN, dlen = 9
> 	nameserver = dns-e1.eur.dcn.domain1.mil
> 	ttl = 86400 (1D)
>    ADDITIONAL RECORDS:
>    ->  dns-e1.eur.dcn.domain1.mil
> 	type = A, class = IN, dlen = 4
> 	internet address = 10.99.5.18
> 	ttl = 86400 (1D)
>    ->  dns-e2.eur.dcn.domain1.mil
> 	type = A, class = IN, dlen = 4
> 	internet address = 10.99.5.25
> 	ttl = 86400 (1D)
> 
> ------------
> Name:    server1.eur.domain2.mil
> Address:  199.10.205.100
> 
>> exit
> 
> 
> 
> 
> 
> srs-e1-swartzb(~)-> more /etc/resolv.conf
> search eur.dcn.domain1.mil conus.dcn.domain1.mil eur.domain2.mil
> nameserver 10.99.5.18
> nameserver 10.99.5.25
> 
> srs-e1-swartzb(~)-> nslookup
> Default Server:  dns-e1.eur.dcn.domain1.mil
> Address:  10.99.5.18
> 
>> set d2
> 
> 
> QUERY #2 - NOT successful!
> 
> 
>> server1
> Server:  dns-e1.eur.dcn.domain1.mil
> Address:  10.99.5.18
> 
> ;; res_nmkquery(QUERY, server1.eur.dcn.domain1.mil, IN, A)
> ------------
> SendRequest(), len 39
>    HEADER:
> 	opcode = QUERY, id = 9424, rcode = NOERROR
> 	header flags:  query, want recursion
> 	questions = 1,  answers = 0,  authority records = 0,  additional = 0
> 
>    QUESTIONS:
> 	server1.eur.dcn.domain1.mil, type = A, class = IN
> 
> ------------
> ------------
> Got answer (87 bytes):
>    HEADER:
> 	opcode = QUERY, id = 9424, rcode = NXDOMAIN
> 	header flags:  response, auth. answer, want recursion
> 	questions = 1,  answers = 0,  authority records = 1,  additional = 0
> 
>    QUESTIONS:
> 	server1.eur.dcn.domain1.mil, type = A, class = IN
>    AUTHORITY RECORDS:
>    ->  eur.dcn.domain1.mil
> 	type = SOA, class = IN, dlen = 36
> 	ttl = 86400 (1D)
> 	origin = dns-e1.eur.dcn.domain1.mil
> 	mail addr = root.dns-e1.eur.dcn.domain1.mil
> 	serial = 2010010803
> 	refresh = 86400 (1D)
> 	retry   = 7200 (2H)
> 	expire  = 1728000 (1728000)
> 	minimum ttl = 86400 (1D)
> 
> ------------
> ;; res_nmkquery(QUERY, server1.conus.dcn.domain1.mil, IN, A)
> ------------
> SendRequest(), len 41
>    HEADER:
> 	opcode = QUERY, id = 9425, rcode = NOERROR
> 	header flags:  query, want recursion
> 	questions = 1,  answers = 0,  authority records = 0,  additional = 0
> 
>    QUESTIONS:
> 	server1.conus.dcn.domain1.mil, type = A, class = IN
> 
> ------------
> ------------
> Got answer (41 bytes):
>    HEADER:
> 	opcode = QUERY, id = 9425, rcode = SERVFAIL
> 	header flags:  response, want recursion
> 	questions = 1,  answers = 0,  authority records = 0,  additional = 0
> 
>    QUESTIONS:
> 	server1.conus.dcn.domain1.mil, type = A, class = IN
> 
> ------------
> ;; res_nmkquery(QUERY, server1, IN, A)
> ------------
> SendRequest(), len 22
>    HEADER:
> 	opcode = QUERY, id = 9426, rcode = NOERROR
> 	header flags:  query, want recursion
> 	questions = 1,  answers = 0,  authority records = 0,  additional = 0
> 
>    QUESTIONS:
> 	server1, type = A, class = IN
> 
> ------------
> ------------
> Got answer (22 bytes):
>    HEADER:
> 	opcode = QUERY, id = 9426, rcode = REFUSED
> 	header flags:  response, want recursion
> 	questions = 1,  answers = 0,  authority records = 0,  additional = 0
> 
>    QUESTIONS:
> 	server1, type = A, class = IN
> 
> ------------
> *** dns-e1.eur.dcn.domain1.mil can't find server1: Query refused
>> exit
> 
> 
> 
> 
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users




More information about the bind-users mailing list