what's wrong with recent bind-utils against dnsmasq
Matus UHLAR - fantomas
uhlar at fantomas.sk
Fri Apr 27 10:37:22 UTC 2018
On 26.04.18 10:44, Reindl Harald wrote:
>when the server is dnsmasq you get all sort of funny results from
>SERVFAIL to REFUSED combined with the right answer
>that now even goes so far that named is no longer able to resolve
>zone-delegations pointing to a dnsmasq
dnsmasq is not full DNS server.
and thus I don't recommend pointing delegations to dnsmasq server.
>[root at testserver:~]$ nslookup rhsoft.testserver.example.com 127.0.0.1
>** server can't find rhsoft.testserver.example.com: REFUSED
>[root at flow-home:~]$ nslookup contentlounge.flow-home.example.net
>** server can't find contentlounge.flow-home.example.net: SERVFAIL
nslokup is not reliable tool for debugging DNS problems. nslookup asks the
DNS server for more data than you ask it for and thus can show error message
when data you ask are available, but data it searches for are not.
>[root at testserver:~]$ host rhsoft.testserver.example.com 127.0.0.1
>Using domain server:
>Name: 127.0.0.1
>Address: 127.0.0.1#53
>Aliases:
>
>rhsoft.testserver.example.com has address 127.0.0.1
>Host rhsoft.testserver.example.com not found: 5(REFUSED)
>Host rhsoft.testserver.example.com not found: 5(REFUSED)
"host" by default searches for A, AAAA and MX (as described in "-t" option),
this shows that dnsmasq has returned "127.0.0.1" for A, and REFUSED for AAAA
and MX records.
>[root at testserver:~]$ dig rhsoft.testserver.example.com @127.0.0.1
>;; ANSWER SECTION:
>rhsoft.testserver.example.com. 30 IN A 127.0.0.1
dig by default only asks for A which is why you got proper answer here.
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
LSD will make your ECS screen display 16.7 million colors
More information about the bind-users
mailing list