from:"Andrew Swartzbaugh"

search directive in resolv.conf - only 2 domains searched

2010-01-14 Thread Andrew Swartzbaugh

My resolver only does lookups for the first two domains specified by the search 
directive in the /etc/resolv.conf file.  For example, if I do a lookup of 
server1.eur.domain2.mil and domain2.mil is the second domain specified by the 
search directive, the query works.  However, if domain2.mil is the third domain 
specified by the search directive, the query fails.

This is behavior that has changed within the last two weeks on our Solaris
9 systems (the Solaris 10 systems still work).

The only explanation that I can think of is that the resolver libraries
have changed and that the libraries were only compiled to look through the 
first 2 domains that are specified by the search directive.  Is this a 
possibility?  Where are the dns resolver libraries located on a Solaris 9 
system?


Thanks,
Andy





srs-e1-swartzb(~)->uname -a
SunOS srs-e1 5.9 Generic_122300-39 sun4u sparc SUNW,Sun-Fire-480R

srs-e1-swartzb(~)-> more /etc/resolv.conf
search eur.dcn.domain1.mil eur.domain2.mil conus.dcn.domain1.mil 
nameserver 10.99.5.18
nameserver 10.99.5.25

srs-e1-swartzb(~)-> nslookup
Default Server:  dns-e1.eur.dcn.domain1.mil
Address:  10.99.5.18

> set d2


QUERY #1 - successful!


> server1
Server:  dns-e1.eur.dcn.domain1.mil
Address:  10.99.5.18

;; res_nmkquery(QUERY, server1.eur.dcn.domain1.mil, IN, A)

SendRequest(), len 39
HEADER:
opcode = QUERY, id = 36724, rcode = NOERROR
header flags:  query, want recursion
questions = 1,  answers = 0,  authority records = 0,  additional = 0

QUESTIONS:
server1.eur.dcn.domain1.mil, type = A, class = IN



Got answer (87 bytes):
HEADER:
opcode = QUERY, id = 36724, rcode = NXDOMAIN
header flags:  response, auth. answer, want recursion
questions = 1,  answers = 0,  authority records = 1,  additional = 0

QUESTIONS:
server1.eur.dcn.domain1.mil, type = A, class = IN
AUTHORITY RECORDS:
->  eur.dcn.domain1.mil
type = SOA, class = IN, dlen = 36
ttl = 86400 (1D)
origin = dns-e1.eur.dcn.domain1.mil
mail addr = root.dns-e1.eur.dcn.domain1.mil
serial = 2010010803
refresh = 86400 (1D)
retry   = 7200 (2H)
expire  = 1728000 (1728000)
minimum ttl = 86400 (1D)


;; res_nmkquery(QUERY, server1.eur.domain2.mil, IN, A)

SendRequest(), len 35
HEADER:
opcode = QUERY, id = 36725, rcode = NOERROR
header flags:  query, want recursion
questions = 1,  answers = 0,  authority records = 0,  additional = 0

QUESTIONS:
server1.eur.domain2.mil, type = A, class = IN



Got answer (138 bytes):
HEADER:
opcode = QUERY, id = 36725, rcode = NOERROR
header flags:  response, auth. answer, want recursion
questions = 1,  answers = 1,  authority records = 2,  additional = 2

QUESTIONS:
server1.eur.domain2.mil, type = A, class = IN
ANSWERS:
->  server1.eur.domain2.mil
type = A, class = IN, dlen = 4
internet address = 199.10.205.100
ttl = 86400 (1D)
AUTHORITY RECORDS:
->  eur.domain2.mil
type = NS, class = IN, dlen = 22
nameserver = dns-e2.eur.dcn.domain1.mil
ttl = 86400 (1D)
->  eur.domain2.mil
type = NS, class = IN, dlen = 9
nameserver = dns-e1.eur.dcn.domain1.mil
ttl = 86400 (1D)
ADDITIONAL RECORDS:
->  dns-e1.eur.dcn.domain1.mil
type = A, class = IN, dlen = 4
internet address = 10.99.5.18
ttl = 86400 (1D)
->  dns-e2.eur.dcn.domain1.mil
type = A, class = IN, dlen = 4
internet address = 10.99.5.25
ttl = 86400 (1D)


Name:server1.eur.domain2.mil
Address:  199.10.205.100

> exit





srs-e1-swartzb(~)-> more /etc/resolv.conf
search eur.dcn.domain1.mil conus.dcn.domain1.mil eur.domain2.mil
nameserver 10.99.5.18
nameserver 10.99.5.25

srs-e1-swartzb(~)-> nslookup
Default Server:  dns-e1.eur.dcn.domain1.mil
Address:  10.99.5.18

> set d2


QUERY #2 - NOT successful!


> server1
Server:  dns-e1.eur.dcn.domain1.mil
Address:  10.99.5.18

;; res_nmkquery(QUERY, server1.eur.dcn.domain1.mil, IN, A)

SendRequest(), len 39
HEADER:
opcode = QUERY, id = 9424, rcode = NOERROR
header flags:  query, want recursion
questions = 1,  answers = 0,  authority records = 0,  additional = 0

QUESTIONS:
server1.eur.dcn.domain1.mil, type = A, class = IN



Got answer (87 bytes):
HEADER:
opcode = QUERY, id = 9424, rcode = NXDOMAIN
header flags:  response, auth. answer, want recursion
questions = 1,  answers = 0,  authority records = 1,  additional = 0

QUESTIONS:
server1.eur.dcn.domain1.mil, type = A, class = IN
AUTHORITY RECORDS:
->  eur.dcn.domain1.mil
type = SOA, class = IN, dlen = 36
ttl = 86400 (1D)
origin = d

Re: search directive in resolv.conf - only 2 domains searched

2010-01-14 Thread Andrew Swartzbaugh

Chris,

Yes, you are correct.  I took the user's word for it and then used nslookup to 
do my troubleshooting and was misled by the output.

There is no problem with the search directive.  Thank you for your quick 
response.

Thanks,
Andy


--- On Thu, 1/14/10, Chris Buxton  wrote:

> From: Chris Buxton 
> Subject: Re: search directive in resolv.conf - only 2 domains searched
> To: "Andrew Swartzbaugh" 
> Cc: bind-users@lists.isc.org
> Date: Thursday, January 14, 2010, 4:04 AM
> On Jan 14, 2010, at 5:47 AM, Andrew
> Swartzbaugh wrote:
> 
> > My resolver only does lookups for the first two
> domains specified by the search directive in the
> /etc/resolv.conf file.  For example, if I do a lookup
> of server1.eur.domain2.mil and domain2.mil is the second
> domain specified by the search directive, the query
> works.  However, if domain2.mil is the third domain
> specified by the search directive, the query fails.
> > 
> > This is behavior that has changed within the last two
> weeks on our Solaris
> > 9 systems (the Solaris 10 systems still work).
> > 
> > The only explanation that I can think of is that the
> resolver libraries
> > have changed and that the libraries were only compiled
> to look through the first 2 domains that are specified by
> the search directive.  Is this a possibility? 
> Where are the dns resolver libraries located on a Solaris 9
> system?
> 
> nslookup is not a valid test of the behavior of the stub
> resolver. Can you demonstrate the problem with a method that
> actually sends a request to the stub resolver, such as 'ping
> server1'?
> 
> Chris Buxton
> 
> > srs-e1-swartzb(~)->uname -a
> > SunOS srs-e1 5.9 Generic_122300-39 sun4u sparc
> SUNW,Sun-Fire-480R
> > 
> > srs-e1-swartzb(~)-> more /etc/resolv.conf
> > search eur.dcn.domain1.mil eur.domain2.mil
> conus.dcn.domain1.mil 
> > nameserver 10.99.5.18
> > nameserver 10.99.5.25
> > 
> > srs-e1-swartzb(~)-> nslookup
> > Default Server:  dns-e1.eur.dcn.domain1.mil
> > Address:  10.99.5.18
> > 
> >> set d2
> > 
> > 
> > QUERY #1 - successful!
> > 
> > 
> >> server1
> > Server:  dns-e1.eur.dcn.domain1.mil
> > Address:  10.99.5.18
> > 
> > ;; res_nmkquery(QUERY, server1.eur.dcn.domain1.mil,
> IN, A)
> > 
> > SendRequest(), len 39
> >    HEADER:
> >     opcode = QUERY, id = 36724, rcode =
> NOERROR
> >     header flags:  query, want
> recursion
> >     questions = 1,  answers =
> 0,  authority records = 0,  additional = 0
> > 
> >    QUESTIONS:
> >     server1.eur.dcn.domain1.mil, type =
> A, class = IN
> > 
> > 
> > 
> > Got answer (87 bytes):
> >    HEADER:
> >     opcode = QUERY, id = 36724, rcode =
> NXDOMAIN
> >     header flags:  response, auth.
> answer, want recursion
> >     questions = 1,  answers =
> 0,  authority records = 1,  additional = 0
> > 
> >    QUESTIONS:
> >     server1.eur.dcn.domain1.mil, type =
> A, class = IN
> >    AUTHORITY RECORDS:
> >    ->  eur.dcn.domain1.mil
> >     type = SOA, class = IN, dlen = 36
> >     ttl = 86400 (1D)
> >     origin =
> dns-e1.eur.dcn.domain1.mil
> >     mail addr =
> root.dns-e1.eur.dcn.domain1.mil
> >     serial = 2010010803
> >     refresh = 86400 (1D)
> >     retry   = 7200 (2H)
> >     expire  = 1728000 (1728000)
> >     minimum ttl = 86400 (1D)
> > 
> > 
> > ;; res_nmkquery(QUERY, server1.eur.domain2.mil, IN,
> A)
> > 
> > SendRequest(), len 35
> >    HEADER:
> >     opcode = QUERY, id = 36725, rcode =
> NOERROR
> >     header flags:  query, want
> recursion
> >     questions = 1,  answers =
> 0,  authority records = 0,  additional = 0
> > 
> >    QUESTIONS:
> >     server1.eur.domain2.mil, type = A,
> class = IN
> > 
> > 
> > 
> > Got answer (138 bytes):
> >    HEADER:
> >     opcode = QUERY, id = 36725, rcode =
> NOERROR
> >     header flags:  response, auth.
> answer, want recursion
> >     questions = 1,  answers =
> 1,  authority records = 2,  additional = 2
> > 
> >    QUESTIONS:
> >     server1.eur.domain2.mil, type = A,
> class = IN
> >    ANSWERS:
> >    ->  server1.eur.domain2.mil
> >     type = A, class = IN, dlen = 4
> >     internet address = 199.10.205.100
> >     ttl = 86400 (1D)
> >    AUTHORITY RECORDS:
> >    ->  eur.domain2.mil
>

search directive in resolv.conf - only 2 domains searched

Re: search directive in resolv.conf - only 2 domains searched

2 matches

Site Navigation

Mail list logo

Footer information