Problem with forward zone in view

Phil Mayers p.mayers at imperial.ac.uk
Sun Sep 8 10:54:34 UTC 2013


On 09/08/2013 11:38 AM, Carol Overes wrote:
> Hi Steve,
>
> Thanks for your response.
>
> On Sun, Sep 08, 2013 at 10:57:15AM +0100, Steven Carr wrote:
>> You will need to perform a packet capture on the DNS server itself,
>> from a client they query for records in domain2.com and then analyse
>> the packet capture to see what happened when the query came in.
>
> Just now I performed a packet capture, to check what the response is
> when a client queries domain2.com. I can see that the response results
> in an NXDomain from one of the authoritative .com TLD servers. And I don't
> see any packets going towards 192.168.1.1.

You're not understanding:

+trace is done client-side, and from the top-down. It doesn't honour any 
forwarders set server-side. It also doesn't replicate what a real 
recursive client does, so it's not a good test.

What happens if you test without +trace? Just do:

dig @10.x.x.x www.domain2.com

Ignore +trace - it's not useful in this situation.

