recursive query use tcp ?
Sukmoon Lee
smlee at sk.com
Mon Apr 8 05:33:28 UTC 2019
I have check that your recommended option works well.
Thank you very much.
08-Apr-2019 14:30:17.867 CQ 127.0.0.1:60997 -> 127.0.0.1:0 UDP 54b sukmoonlee.tk/IN/A
08-Apr-2019 14:30:17.867 RQ 10.0.2.15:53866 -> 192.112.36.4:53 UDP 40b ./IN/NS
08-Apr-2019 14:30:17.867 RQ 10.0.2.15:39398 -> 192.112.36.4:53 UDP 43b tk/IN/NS
08-Apr-2019 14:30:17.926 RR 10.0.2.15:53866 <- 192.112.36.4:53 UDP 56b ./IN/NS
08-Apr-2019 14:30:17.927 RR 10.0.2.15:39398 <- 192.112.36.4:53 UDP 505b tk/IN/NS
08-Apr-2019 14:30:17.926 RQ 10.0.2.15:45621 -> 192.112.36.4:53 TCP 56b ./IN/NS
08-Apr-2019 14:30:17.927 RQ 10.0.2.15:51377 -> 194.0.38.1:53 TCP 43b tk/IN/NS
08-Apr-2019 14:30:18.559 RR 10.0.2.15:51377 <- 194.0.38.1:53 TCP 274b tk/IN/NS
08-Apr-2019 14:30:18.560 RQ 10.0.2.15:45121 -> 192.112.36.4:53 UDP 64b a.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.560 RQ 10.0.2.15:40088 -> 192.112.36.4:53 UDP 64b b.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.561 RQ 10.0.2.15:59965 -> 192.112.36.4:53 UDP 64b c.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.561 RQ 10.0.2.15:48924 -> 192.112.36.4:53 UDP 64b d.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.619 RR 10.0.2.15:40088 <- 192.112.36.4:53 UDP 617b b.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.621 RR 10.0.2.15:59965 <- 192.112.36.4:53 UDP 617b c.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.624 RR 10.0.2.15:45121 <- 192.112.36.4:53 UDP 617b a.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.627 RR 10.0.2.15:48924 <- 192.112.36.4:53 UDP 617b d.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.559 RQ 10.0.2.15:33217 -> 194.0.41.1:53 TCP 54b sukmoonlee.tk/IN/A
08-Apr-2019 14:30:18.621 RQ 10.0.2.15:60200 -> 194.0.40.1:53 TCP 48b c.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.624 RQ 10.0.2.15:39098 -> 194.0.40.1:53 TCP 48b a.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.620 RQ 10.0.2.15:50933 -> 194.0.40.1:53 TCP 48b b.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.627 RQ 10.0.2.15:50889 -> 194.0.40.1:53 TCP 48b d.ns.tk/IN/AAAA
08-Apr-2019 14:30:19.049 RR 10.0.2.15:33217 <- 194.0.41.1:53 TCP 301b sukmoonlee.tk/IN/A
08-Apr-2019 14:30:19.049 CR 127.0.0.1:60997 <- 127.0.0.1:0 UDP 86b sukmoonlee.tk/IN/A
08-Apr-2019 14:30:19.115 RR 10.0.2.15:60200 <- 194.0.40.1:53 TCP 274b c.ns.tk/IN/AAAA
08-Apr-2019 14:30:19.116 RR 10.0.2.15:50933 <- 194.0.40.1:53 TCP 274b b.ns.tk/IN/AAAA
08-Apr-2019 14:30:19.118 RR 10.0.2.15:39098 <- 194.0.40.1:53 TCP 274b a.ns.tk/IN/AAAA
-----Original Message-----
From: Mark Andrews <marka at isc.org>
Sent: Monday, April 08, 2019 1:38 PM
To: 이석문님/Core솔루션팀 <smlee at sk.com>
Cc: bind-users at lists.isc.org
Subject: Re: recursive query use tcp ?
I suggest that you fix whatever is blocking the UDP queries as the servers (in Singapore at least) do respond to UDP queries.
% dig @194.0.38.1 sukmoonlee.tk +nsid
; <<>> DiG 9.15.0-dev+hotspot+add-prefetch+marka <<>> @194.0.38.1 sukmoonlee.tk +nsid ; (1 server found) ;; global options: +cmd ;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54117 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 9 ;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
; NSID: 73 69 6e ("sin")
;; QUESTION SECTION:
;sukmoonlee.tk. IN A
;; ANSWER SECTION:
sukmoonlee.tk. 300 IN A 195.20.43.161
;; AUTHORITY SECTION:
tk. 86400 IN NS a.ns.tk.
tk. 86400 IN NS b.ns.tk.
tk. 86400 IN NS c.ns.tk.
tk. 86400 IN NS d.ns.tk.
;; ADDITIONAL SECTION:
a.ns.tk. 10800 IN A 194.0.38.1
b.ns.tk. 10800 IN A 194.0.39.1
c.ns.tk. 10800 IN A 194.0.40.1
d.ns.tk. 10800 IN A 194.0.41.1
a.ns.tk. 10800 IN AAAA 2001:678:50::1
b.ns.tk. 10800 IN AAAA 2001:678:54::1
c.ns.tk. 10800 IN AAAA 2001:678:58::1
d.ns.tk. 10800 IN AAAA 2001:678:5c::1
;; Query time: 136 msec
;; SERVER: 194.0.38.1#53(194.0.38.1)
;; WHEN: Mon Apr 08 14:31:12 AEST 2019
;; MSG SIZE rcvd: 308
%
That said you can set "tcp-only yes”; in an appropriate server clause.
Mark
> On 8 Apr 2019, at 2:26 pm, Sukmoon Lee <smlee at sk.com> wrote:
>
> Hello.
>
> My Test DNS is not response for "*.tk".
> I looked around then my server not work connect using udp for tk's tld name sever.
> But this server is work to using TCP. (below test)
>
> If there is an option on the named server that recursive queries use tcp?
> I can't search BIND ARM.
>
> Thanks in Advance.
>
>
> Regards,
> Sukmoon Lee
>
>
>
>
> ---------------------------------
>
> $ dig @194.0.38.1 sukmoonlee.tk
>
> ; <<>> DiG 9.11.2-P1 <<>> @194.0.38.1 sukmoonlee.tk ; (1 server found)
> ;; global options: +cmd ;; connection timed out; no servers could be
> reached
>
> $ dig @194.0.38.1 sukmoonlee.tk +tcp
>
> ; <<>> DiG 9.11.2-P1 <<>> @194.0.38.1 sukmoonlee.tk +tcp ; (1 server
> found) ;; global options: +cmd ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30919 ;; flags: qr
> aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 9 ;; WARNING:
> recursion requested but not available
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 512
> ;; QUESTION SECTION:
> ;sukmoonlee.tk. IN A
>
> ;; ANSWER SECTION:
> sukmoonlee.tk. 300 IN A 195.20.43.161
>
> ;; AUTHORITY SECTION:
> tk. 86400 IN NS a.ns.tk.
> tk. 86400 IN NS b.ns.tk.
> tk. 86400 IN NS c.ns.tk.
> tk. 86400 IN NS d.ns.tk.
>
> ;; ADDITIONAL SECTION:
> a.ns.tk. 10800 IN A 194.0.38.1
> b.ns.tk. 10800 IN A 194.0.39.1
> c.ns.tk. 10800 IN A 194.0.40.1
> d.ns.tk. 10800 IN A 194.0.41.1
> a.ns.tk. 10800 IN AAAA 2001:678:50::1
> b.ns.tk. 10800 IN AAAA 2001:678:54::1
> c.ns.tk. 10800 IN AAAA 2001:678:58::1
> d.ns.tk. 10800 IN AAAA 2001:678:5c::1
>
> ;; Query time: 242 msec
> ;; SERVER: 194.0.38.1#53(194.0.38.1)
> ;; WHEN: Mon Apr 08 11:32:40 KST 2019
> ;; MSG SIZE rcvd: 301
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list