Re: when i check resolver.log just now , i found some error info about AAAA ( ipv6)

2016-04-12 Thread Mark Andrews

Just another broken nameserver that doesn't handle AAAA queries
correctly.  It answers authoritatively for dlb.g5.letvlb.com/A but
returns a referral for dlb.g5.letvlb.com/AAAA with unrelated
additional records.

Mark

% dig dlb.g5.letvlb.com @106.38.226.245

; <<>> DiG 9.11.0a1 <<>> dlb.g5.letvlb.com @106.38.226.245
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61581
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;dlb.g5.letvlb.com. IN  A

;; ANSWER SECTION:
dlb.g5.letvlb.com.  600 IN  A   123.59.122.228

;; Query time: 359 msec
;; SERVER: 106.38.226.245#53(106.38.226.245)
;; WHEN: Wed Apr 13 14:16:20 EST 2016
;; MSG SIZE  rcvd: 68

% dig dlb.g5.letvlb.com @106.38.226.245 AAAA

; <<>> DiG 9.11.0a1 <<>> dlb.g5.letvlb.com @106.38.226.245 AAAA
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 3, ADDITIONAL: 3
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;dlb.g5.letvlb.com. IN  AAAA

;; AUTHORITY SECTION:
dlb.g5.letvlb.com.  600 IN  NS  ns1.letvlb.com.
dlb.g5.letvlb.com.  600 IN  NS  ns2.letvlb.com.
dlb.g5.letvlb.com.  600 IN  NS  ns3.letvlb.com.

;; ADDITIONAL SECTION:
au.ns1.letvlb.com.  600 IN  A   111.206.208.224
au.ns2.letvlb.com.  600 IN  A   106.38.226.245
au.ns3.letvlb.com.  600 IN  A   117.121.2.237

;; Query time: 492 msec
;; SERVER: 106.38.226.245#53(106.38.226.245)
;; WHEN: Wed Apr 13 14:16:25 EST 2016
;; MSG SIZE  rcvd: 269

% 


In message <570dc310.1060...@yahoo.com>, johnzeng writes:
> 
> Hello Dear Sir:
> 
> When I checked resolver.log just now, I found some error info about AAAA
> (ipv6).
> 
> Although I searched for some helpful info from ask.com, I can't find the
> config file; maybe the reason is that I compiled from source
> (./configure --prefix=/mydic).
> 
> Do I need to build the config file?
> 
> 
> 
> This of course won't stop bind from blindly trying to use ipv6 though,
> so you also need to alter /etc/default/bind9 like so:
> 
> # run resolvconf?
> RESOLVCONF=yes
> # startup options for the server
> OPTIONS="-4 -u bind"
> 
> 
> 
> 
> 13-Apr-2016 11:49:11.858 DNS format error from 106.38.226.245#53
> resolving dlb.g5.letvlb.com/AAAA for client 127.0.0.1#53325:
> non-improving referral
> 13-Apr-2016 11:49:11.898 DNS format error from 111.206.208.224#53
> resolving dlb.g5.letvlb.com/AAAA for client 127.0.0.1#53325:
> non-improving referral
> 13-Apr-2016 11:49:11.939 DNS format error from 117.121.2.237#53
> resolving dlb.g5.letvlb.com/AAAA for client 127.0.0.1#53325:
> non-improving referral
> 
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
> from this list
> 
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
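
Added example, not part of Mark's message: a Python sketch of the check behind the "non-improving referral" log lines, run over text constructed from the dig output in this thread. The `current_zone` argument (the zone cut the resolver had already reached) and the simplified rule are assumptions for illustration; this is not BIND's code.

```python
# Constructed sample: trimmed from the AAAA dig output in this thread.
DIG_AAAA = """\
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 3, ADDITIONAL: 3
;; AUTHORITY SECTION:
dlb.g5.letvlb.com.  600 IN  NS  ns1.letvlb.com.
dlb.g5.letvlb.com.  600 IN  NS  ns2.letvlb.com.
dlb.g5.letvlb.com.  600 IN  NS  ns3.letvlb.com.
;; ADDITIONAL SECTION:
au.ns1.letvlb.com.  600 IN  A   111.206.208.224
au.ns2.letvlb.com.  600 IN  A   106.38.226.245
au.ns3.letvlb.com.  600 IN  A   117.121.2.237
"""

def parse_sections(text):
    """Return {section: [(owner, rtype, rdata), ...]} from dig-style output."""
    sections, current = {}, None
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith(";;") and line.endswith("SECTION:"):
            current = line[2:-len("SECTION:")].strip().lower()
            sections[current] = []
        elif current and line and not line.startswith(";"):
            owner, _ttl, _cls, rtype, rdata = line.split(None, 4)
            sections[current].append((owner.lower(), rtype, rdata.lower()))
    return sections

def labels(name):
    return [l for l in name.lower().rstrip(".").split(".") if l]

def is_subdomain(name, parent):
    n, p = labels(name), labels(parent)
    return len(n) >= len(p) and n[len(n) - len(p):] == p

def classify(text, qname, current_zone):
    """current_zone: the zone cut the resolver had already reached (assumed input)."""
    s = parse_sections(text)
    if s.get("answer"):
        return "answer"
    cuts = {owner for owner, rtype, _ in s.get("authority", []) if rtype == "NS"}
    if len(cuts) != 1:
        return "not a referral"
    cut = cuts.pop()
    # A useful referral points strictly below the current cut, towards qname.
    improving = (is_subdomain(qname, cut) and is_subdomain(cut, current_zone)
                 and labels(cut) != labels(current_zone))
    return "referral" if improving else "non-improving referral"

def unmatched_glue(text):
    """Additional-section owners that are not the target of any NS record."""
    s = parse_sections(text)
    targets = {rdata for _, rtype, rdata in s.get("authority", []) if rtype == "NS"}
    return [owner for owner, _, _ in s.get("additional", []) if owner not in targets]
```

With `current_zone` set to `dlb.g5.letvlb.com.` the sample classifies as a non-improving referral, and `unmatched_glue` lists the three `au.ns*` names, which are the unrelated additional records.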


when i check resolver.log just now , i found some error info about AAAA ( ipv6)

2016-04-12 Thread johnzeng

Hello Dear Sir:

When I checked resolver.log just now, I found some error info about AAAA
(ipv6).

Although I searched for some helpful info from ask.com, I can't find the
config file; maybe the reason is that I compiled from source
(./configure --prefix=/mydic).

Do I need to build the config file?



This of course won't stop bind from blindly trying to use ipv6 though,
so you also need to alter /etc/default/bind9 like so:

# run resolvconf?
RESOLVCONF=yes
# startup options for the server
OPTIONS="-4 -u bind"




13-Apr-2016 11:49:11.858 DNS format error from 106.38.226.245#53
resolving dlb.g5.letvlb.com/AAAA for client 127.0.0.1#53325:
non-improving referral
13-Apr-2016 11:49:11.898 DNS format error from 111.206.208.224#53
resolving dlb.g5.letvlb.com/AAAA for client 127.0.0.1#53325:
non-improving referral
13-Apr-2016 11:49:11.939 DNS format error from 117.121.2.237#53
resolving dlb.g5.letvlb.com/AAAA for client 127.0.0.1#53325:
non-improving referral



Re: Bind response to query's very small edns udp payload size

2016-04-12 Thread Barry Margolin
In article ,
 John Wobus  wrote:

> What does bind try to do if the client specifies a udp size of less than 512?
> I’ve been trying queries and here is what I’ve seen:

From RFC 6891:

Values lower than 512 MUST be treated as equal to 512.

https://tools.ietf.org/html/rfc6891#section-6.2.3

So I expect BIND obeys this.

-- 
Barry Margolin
Arlington, MA
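
Added example, not part of the posts in this thread: where the requestor's UDP payload size sits in a query (the CLASS field of the OPT record) and how the RFC 6891 rule about values below 512 plays out for the sizes discussed here. The query name `example.com`, the function names and the truncation decision are constructed for illustration; this is not BIND's code.

```python
import struct

OPT = 41  # EDNS0 pseudo-RR type (RFC 6891)

def build_query(qname, qtype, udp_size):
    """Wire-format query carrying one OPT record that advertises udp_size."""
    header = struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, 1)  # RD set, QD=1, AR=1
    name = b"".join(bytes([len(l)]) + l.encode() for l in qname.rstrip(".").split("."))
    question = name + b"\x00" + struct.pack("!HH", qtype, 1)
    # OPT RR: root owner name, TYPE=41, CLASS=payload size, TTL=0, RDLENGTH=0
    opt = b"\x00" + struct.pack("!HHIH", OPT, udp_size, 0, 0)
    return header + question + opt

def skip_name(msg, off):
    """Return the offset just past the (possibly compressed) name at off."""
    while True:
        n = msg[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:      # compression pointer ends the name
            return off + 2
        off += 1 + n

def advertised_udp_size(msg):
    """Requestor's UDP payload size from the OPT RR, or None without EDNS."""
    qd, an, ns, ar = struct.unpack("!HHHH", msg[4:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4
    for _ in range(an + ns + ar):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        if rtype == OPT:
            return rclass
        off += 10 + rdlen
    return None

def effective_udp_size(advertised):
    """Values lower than 512 are treated as 512; no EDNS also means 512."""
    return 512 if advertised is None else max(512, advertised)

def must_truncate(query, response_len):
    """True when a UDP response of response_len bytes needs the TC bit."""
    return response_len > effective_udp_size(advertised_udp_size(query))
```

For a query advertising 200, a response of about 500 bytes still fits the effective limit of 512, so `must_truncate` returns False.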

Bind response to query's very small edns udp payload size

2016-04-12 Thread John Wobus
What does bind try to do if the client specifies a udp size of less than 512?
I’ve been trying queries and here is what I’ve seen:

I have a query that ordinarily receives a response with an answer section
and an authority section, the response length being ~ 500.

If I specify a udp size of 200, then I receive the same answer section,
but minus the authority section.  But the received length is greater than 200,
and the tc flag is not set.

(In contrast to this, if I try a different query that gets a truly long answer,
specifying a udp size of 512, then I do get a response with the
tc flag set and with no answer-section lines.)

I’ve been looking at a customer's reported problem,
testing scenarios and behavior that might explain it, so this is a bit
of an academic question just to know what to expect from bind.
The actual problem is likely (in my mind) to be a firewall or
client configuration.

FYI:
$ ./named -v
BIND 9.9.8-P4 (Extended Support Version) 

John Wobus
Cornell University IT

Re: whether squid application of the machine and the client will get different Name Resolution ( A records)at cdn ( balance or random ) environment .

2016-04-12 Thread johnzeng
Hello Graham:

Thanks for your advisement, you are right, and I searched the full choices in
the options part again.

sortlist will be a suitable way, but I have to write a long config for
sortlist.


Thanks again

Have a good day.





:
> Hello Dear Sir:
>
> I have a question. I run squid (tproxy mode) and bind9 on the same
> machine, and the DNS server IP of all clients is the machine's IP too.
>
> When a client sends a DNS request to the same machine and the squid
> application on the machine sends the same request to the local machine
> (the same machine), I hope the A record will be the same. But maybe the
> squid application on the machine and the client will get different name
> resolution (A records) in a CDN (balance or random) environment.
>
>
> Can we force BIND to realize the same name resolution (A records)?
> I searched the named.conf details and found that the command
> (rrset-order fixed) will be suitable, but fixed is supported by BIND 8,
>
> and I use BIND 9 now. If possible, please give me some advisement.
>
>
> Thanks
>
> John
>
>
>
>
> root@linux:~# nslookup n.sinaimg.cn
> ;; Truncated, retrying in TCP mode.
> Server: 127.0.0.1
> Address: 127.0.0.1#53
>
> Non-authoritative answer:
> n.sinaimg.cn canonical name = nsinaimg.gslb.sinaedge.com.
> nsinaimg.gslb.sinaedge.com canonical name = weibo.grid.sinaedge.com.
> weibo.grid.sinaedge.com canonical name = sinaedge.lxdns.com.
> sinaedge.lxdns.com canonical name = sinajs.xdwscache.ourglb0.com.
> Name: sinajs.xdwscache.ourglb0.com
> Address: 183.61.26.199
> Name: sinajs.xdwscache.ourglb0.com
> Address: 14.215.100.95
> Name: sinajs.xdwscache.ourglb0.com
> Address: 125.90.204.122
> Name: sinajs.xdwscache.ourglb0.com
> Address: 183.58.18.36
> Name: sinajs.xdwscache.ourglb0.com
> Address: 219.128.78.106
> Name: sinajs.xdwscache.ourglb0.com
> Address: 183.57.28.209
> Name: sinajs.xdwscache.ourglb0.com
> Address: 125.90.206.144
> Name: sinajs.xdwscache.ourglb0.com
> Address: 183.6.245.177
> Name: sinajs.xdwscache.ourglb0.com
> Address: 183.131.119.93
> Name: sinajs.xdwscache.ourglb0.com
> Address: 116.211.251.76
> Name: sinajs.xdwscache.ourglb0.com
> Address: 59.56.30.221
> Name: sinajs.xdwscache.ourglb0.com
> Address: 14.215.100.94
> Name: sinajs.xdwscache.ourglb0.com
> Address: 125.90.204.117
> Name: sinajs.xdwscache.ourglb0.com
> Address: 183.6.245.191
> Name: sinajs.xdwscache.ourglb0.com
> Address: 183.57.28.61
>



Re: whether squid application of the machine and the client will get different Name Resolution ( A records)at cdn ( balance or random ) environment .

2016-04-12 Thread Graham Clinch
Hi John,

> Can we force BIND to realize the same name resolution (A records)?
> I searched the named.conf details and found that the command
> (rrset-order fixed) will be suitable, but fixed is supported by BIND 8,
> 
> and I use BIND 9 now. If possible, please give me some advisement.

Checking section 6.2.16.14 of the BIND 9.10 Administrators Reference
Manual (https://www.isc.org/downloads/bind/doc/):

-=-
In this release of BIND 9, the rrset-order statement does not support
"fixed" ordering by default. Fixed ordering can be enabled at compile
time by specifying "--enable-fixed-rrset" on the "configure" command line.
-=-

However, my reading of fixed ordering ('the order they are defined in
the zone file') implies it can only work on an authoritative server that
has a full copy of the zone.  A server that is iterating will receive
records in the order that the authoritative sorts them, and I don't see
how the iterating server can reorder them against the zone file.

sortlist (section 6.2.16.13 of 9.10) might be more appropriate, but it's
scaled more towards continent-sized address blocks rather than
reordering all answers lexicographically.

Graham