Tracing Response Packets at the Querying Server

Warren Kumari warren at
Thu Jan 13 18:51:10 UTC 2011

On Jan 13, 2011, at 12:08 PM, Barry Finkel wrote:

> I am running bind-9.7.2-P3, and I am having a problem with BIND or
> the network or the Ubuntu operating system.  I send a DNS query from
> one of my DNS servers to another of my DNS servers.  I see in a tshark
> trace that the reply packet is received back at the querying server, but
> dig produces a timeout message.

If you use dig to query the remote server directly (dig  
@<other_server> foo) do you see the same issue?

One obvious thing to check would be if you have something like  
iptables blocking the reply (tshark / tcpdump will still see the  

> Can I set some trace level to see if
> the reply packet is being seen by BIND?  And I am not sure into which
> logging category the trace records would be written.  Thanks.
> -- 

I believe this will do something helpful:

      logging {
            channel debug_log {
                  // Attach this channel for debugging messages.
                  file "/var/named/data/debug.log" size 1m versions 5;
                  severity debug;
                  print-category yes;
                  print-severity yes;
                  print-time yes;
            };

            // audit_log is a second channel that is not shown here;
            // define it or remove it from this list.
            category queries { debug_log; audit_log; };
      };

> ----------------------------------------------------------------------
> Barry S. Finkel
> Computing and Information Systems Division
> Argonne National Laboratory          Phone:    +1 (630) 252-7277
> 9700 South Cass Avenue               Facsimile:+1 (630) 252-4601
> Building 240, Room 5.B.8             Internet: BSFinkel at
> Argonne, IL   60439-4828             IBMMAIL:  I1004994
> _______________________________________________
> bind-users mailing list
> bind-users at

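Added example, not part of the original post: a packet capture taps inbound frames before netfilter's INPUT chain, so a reply can appear in tshark and still be dropped before dig or named receives it. The sketch below filters `iptables-save -c` output for INPUT drops whose packet counters are nonzero; the function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Live use (as root): iptables-save -c | counted_drops

# Constructed sample of `iptables-save -c` output.
sample_rules() {
cat <<'EOF'
*filter
:INPUT DROP [7:532]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [913:70211]
[4021:301144] -A INPUT -i lo -j ACCEPT
[388:29104] -A INPUT -p udp -m udp --dport 53 -j ACCEPT
[15:1140] -A INPUT -p udp -m udp --dport 1024:65535 -j DROP
[9:540] -A INPUT -p tcp -m tcp --dport 23 -j DROP
[0:0] -A INPUT -p udp -m udp --dport 161 -j REJECT --reject-with icmp-port-unreachable
COMMIT
EOF
}

# Print INPUT policy/rules that drop traffic, have counted at least one
# packet, and could match a UDP DNS reply (udp or protocol-agnostic).
counted_drops() {
    awk '
    # "[15:1140]" -> 15
    function pkts(s) { return substr(s, 2, index(s, ":") - 2) + 0 }

    # Chain policy line, e.g. ":INPUT DROP [7:532]"
    $1 == ":INPUT" && $2 == "DROP" {
        if (pkts($3) > 0) print
        next
    }
    # Rule line with counters, e.g. "[15:1140] -A INPUT ... -j DROP"
    $2 == "-A" && $3 == "INPUT" {
        target = ""; proto = "any"
        for (i = 4; i < NF; i++) {
            if ($i == "-j") target = $(i + 1)
            if ($i == "-p") proto = $(i + 1)
        }
        if ((target == "DROP" || target == "REJECT") && pkts($1) > 0 &&
            (proto == "udp" || proto == "any"))
            print
    }'
}

sample_rules | counted_drops
```

Run it before and after repeating the dig query; a counter that increases between the two runs points at the rule discarding the reply.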