My resolver only does lookups for the first two domains specified by the search
directive in the /etc/resolv.conf file. For example, if I do a lookup of
server1.eur.domain2.mil and domain2.mil is the second domain specified by the
search directive, the query works. However, if domain2.mil is the third domain
specified by the search directive, the query fails.
This is behavior that has changed within the last two weeks on our Solaris
9 systems (the Solaris 10 systems still work).
The only explanation that I can think of is that the resolver libraries
have changed and that the libraries were only compiled to look through the
first 2 domains that are specified by the search directive. Is this a
possibility? Where are the dns resolver libraries located on a Solaris 9
system?
Thanks,
Andy
srs-e1-swartzb(~)->uname -a
SunOS srs-e1 5.9 Generic_122300-39 sun4u sparc SUNW,Sun-Fire-480R
srs-e1-swartzb(~)-> more /etc/resolv.conf
search eur.dcn.domain1.mil eur.domain2.mil conus.dcn.domain1.mil
nameserver 10.99.5.18
nameserver 10.99.5.25
srs-e1-swartzb(~)-> nslookup
Default Server: dns-e1.eur.dcn.domain1.mil
Address: 10.99.5.18
> set d2
QUERY #1 - successful!
> server1
Server: dns-e1.eur.dcn.domain1.mil
Address: 10.99.5.18
;; res_nmkquery(QUERY, server1.eur.dcn.domain1.mil, IN, A)
------------
SendRequest(), len 39
HEADER:
opcode = QUERY, id = 36724, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
server1.eur.dcn.domain1.mil, type = A, class = IN
------------
------------
Got answer (87 bytes):
HEADER:
opcode = QUERY, id = 36724, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
server1.eur.dcn.domain1.mil, type = A, class = IN
AUTHORITY RECORDS:
-> eur.dcn.domain1.mil
type = SOA, class = IN, dlen = 36
ttl = 86400 (1D)
origin = dns-e1.eur.dcn.domain1.mil
mail addr = root.dns-e1.eur.dcn.domain1.mil
serial = 2010010803
refresh = 86400 (1D)
retry = 7200 (2H)
expire = 1728000 (1728000)
minimum ttl = 86400 (1D)
------------
;; res_nmkquery(QUERY, server1.eur.domain2.mil, IN, A)
------------
SendRequest(), len 35
HEADER:
opcode = QUERY, id = 36725, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
server1.eur.domain2.mil, type = A, class = IN
------------
------------
Got answer (138 bytes):
HEADER:
opcode = QUERY, id = 36725, rcode = NOERROR
header flags: response, auth. answer, want recursion
questions = 1, answers = 1, authority records = 2, additional = 2
QUESTIONS:
server1.eur.domain2.mil, type = A, class = IN
ANSWERS:
-> server1.eur.domain2.mil
type = A, class = IN, dlen = 4
internet address = 199.10.205.100
ttl = 86400 (1D)
AUTHORITY RECORDS:
-> eur.domain2.mil
type = NS, class = IN, dlen = 22
nameserver = dns-e2.eur.dcn.domain1.mil
ttl = 86400 (1D)
-> eur.domain2.mil
type = NS, class = IN, dlen = 9
nameserver = dns-e1.eur.dcn.domain1.mil
ttl = 86400 (1D)
ADDITIONAL RECORDS:
-> dns-e1.eur.dcn.domain1.mil
type = A, class = IN, dlen = 4
internet address = 10.99.5.18
ttl = 86400 (1D)
-> dns-e2.eur.dcn.domain1.mil
type = A, class = IN, dlen = 4
internet address = 10.99.5.25
ttl = 86400 (1D)
------------
Name: server1.eur.domain2.mil
Address: 199.10.205.100
> exit
srs-e1-swartzb(~)-> more /etc/resolv.conf
search eur.dcn.domain1.mil conus.dcn.domain1.mil eur.domain2.mil
nameserver 10.99.5.18
nameserver 10.99.5.25
srs-e1-swartzb(~)-> nslookup
Default Server: dns-e1.eur.dcn.domain1.mil
Address: 10.99.5.18
> set d2
QUERY #2 - NOT successful!
> server1
Server: dns-e1.eur.dcn.domain1.mil
Address: 10.99.5.18
;; res_nmkquery(QUERY, server1.eur.dcn.domain1.mil, IN, A)
------------
SendRequest(), len 39
HEADER:
opcode = QUERY, id = 9424, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
server1.eur.dcn.domain1.mil, type = A, class = IN
------------
------------
Got answer (87 bytes):
HEADER:
opcode = QUERY, id = 9424, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
server1.eur.dcn.domain1.mil, type = A, class = IN
AUTHORITY RECORDS:
-> eur.dcn.domain1.mil
type = SOA, class = IN, dlen = 36
ttl = 86400 (1D)
origin = dns-e1.eur.dcn.domain1.mil
mail addr = root.dns-e1.eur.dcn.domain1.mil
serial = 2010010803
refresh = 86400 (1D)
retry = 7200 (2H)
expire = 1728000 (1728000)
minimum ttl = 86400 (1D)
------------
;; res_nmkquery(QUERY, server1.conus.dcn.domain1.mil, IN, A)
------------
SendRequest(), len 41
HEADER:
opcode = QUERY, id = 9425, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
server1.conus.dcn.domain1.mil, type = A, class = IN
------------
------------
Got answer (41 bytes):
HEADER:
opcode = QUERY, id = 9425, rcode = SERVFAIL
header flags: response, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
server1.conus.dcn.domain1.mil, type = A, class = IN
------------
;; res_nmkquery(QUERY, server1, IN, A)
------------
SendRequest(), len 22
HEADER:
opcode = QUERY, id = 9426, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
server1, type = A, class = IN
------------
------------
Got answer (22 bytes):
HEADER:
opcode = QUERY, id = 9426, rcode = REFUSED
header flags: response, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
server1, type = A, class = IN
------------
*** dns-e1.eur.dcn.domain1.mil can't find server1: Query refused
> exit
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
