On Jan 14, 2010, at 5:47 AM, Andrew Swartzbaugh wrote: > My resolver only does lookups for the first two domains specified by the > search directive in the /etc/resolv.conf file. For example, if I do a lookup > of server1.eur.domain2.mil and domain2.mil is the second domain specified by > the search directive, the query works. However, if domain2.mil is the third > domain specified by the search directive, the query fails. > > This is behavior that has changed within the last two weeks on our Solaris > 9 systems (the Solaris 10 systems still work). > > The only explanation that I can think of is that the resolver libraries > have changed and that the libraries were only compiled to look through the > first 2 domains that are specified by the search directive. Is this a > possibility? Where are the dns resolver libraries located on a Solaris 9 > system?
nslookup is not a valid test of the behavior of the stub resolver. Can you demonstrate the problem with a method that actually sends a request to the stub resolver, such as 'ping server1'? Chris Buxton > srs-e1-swartzb(~)->uname -a > SunOS srs-e1 5.9 Generic_122300-39 sun4u sparc SUNW,Sun-Fire-480R > > srs-e1-swartzb(~)-> more /etc/resolv.conf > search eur.dcn.domain1.mil eur.domain2.mil conus.dcn.domain1.mil > nameserver 10.99.5.18 > nameserver 10.99.5.25 > > srs-e1-swartzb(~)-> nslookup > Default Server: dns-e1.eur.dcn.domain1.mil > Address: 10.99.5.18 > >> set d2 > > > QUERY #1 - successful! > > >> server1 > Server: dns-e1.eur.dcn.domain1.mil > Address: 10.99.5.18 > > ;; res_nmkquery(QUERY, server1.eur.dcn.domain1.mil, IN, A) > ------------ > SendRequest(), len 39 > HEADER: > opcode = QUERY, id = 36724, rcode = NOERROR > header flags: query, want recursion > questions = 1, answers = 0, authority records = 0, additional = 0 > > QUESTIONS: > server1.eur.dcn.domain1.mil, type = A, class = IN > > ------------ > ------------ > Got answer (87 bytes): > HEADER: > opcode = QUERY, id = 36724, rcode = NXDOMAIN > header flags: response, auth. answer, want recursion > questions = 1, answers = 0, authority records = 1, additional = 0 > > QUESTIONS: > server1.eur.dcn.domain1.mil, type = A, class = IN > AUTHORITY RECORDS: > -> eur.dcn.domain1.mil > type = SOA, class = IN, dlen = 36 > ttl = 86400 (1D) > origin = dns-e1.eur.dcn.domain1.mil > mail addr = root.dns-e1.eur.dcn.domain1.mil > serial = 2010010803 > refresh = 86400 (1D) > retry = 7200 (2H) > expire = 1728000 (1728000) > minimum ttl = 86400 (1D) > > ------------ > ;; res_nmkquery(QUERY, server1.eur.domain2.mil, IN, A) > ------------ > SendRequest(), len 35 > HEADER: > opcode = QUERY, id = 36725, rcode = NOERROR > header flags: query, want recursion > questions = 1, answers = 0, authority records = 0, additional = 0 > > QUESTIONS: > server1.eur.domain2.mil, type = A, class = IN > > ------------ > ------------ > Got answer (138 bytes): > HEADER: > opcode = QUERY, id = 36725, rcode = NOERROR > header flags: response, auth. answer, want recursion > questions = 1, answers = 1, authority records = 2, additional = 2 > > QUESTIONS: > server1.eur.domain2.mil, type = A, class = IN > ANSWERS: > -> server1.eur.domain2.mil > type = A, class = IN, dlen = 4 > internet address = 199.10.205.100 > ttl = 86400 (1D) > AUTHORITY RECORDS: > -> eur.domain2.mil > type = NS, class = IN, dlen = 22 > nameserver = dns-e2.eur.dcn.domain1.mil > ttl = 86400 (1D) > -> eur.domain2.mil > type = NS, class = IN, dlen = 9 > nameserver = dns-e1.eur.dcn.domain1.mil > ttl = 86400 (1D) > ADDITIONAL RECORDS: > -> dns-e1.eur.dcn.domain1.mil > type = A, class = IN, dlen = 4 > internet address = 10.99.5.18 > ttl = 86400 (1D) > -> dns-e2.eur.dcn.domain1.mil > type = A, class = IN, dlen = 4 > internet address = 10.99.5.25 > ttl = 86400 (1D) > > ------------ > Name: server1.eur.domain2.mil > Address: 199.10.205.100 > >> exit > > > > > > srs-e1-swartzb(~)-> more /etc/resolv.conf > search eur.dcn.domain1.mil conus.dcn.domain1.mil eur.domain2.mil > nameserver 10.99.5.18 > nameserver 10.99.5.25 > > srs-e1-swartzb(~)-> nslookup > Default Server: dns-e1.eur.dcn.domain1.mil > Address: 10.99.5.18 > >> set d2 > > > QUERY #2 - NOT successful! > > >> server1 > Server: dns-e1.eur.dcn.domain1.mil > Address: 10.99.5.18 > > ;; res_nmkquery(QUERY, server1.eur.dcn.domain1.mil, IN, A) > ------------ > SendRequest(), len 39 > HEADER: > opcode = QUERY, id = 9424, rcode = NOERROR > header flags: query, want recursion > questions = 1, answers = 0, authority records = 0, additional = 0 > > QUESTIONS: > server1.eur.dcn.domain1.mil, type = A, class = IN > > ------------ > ------------ > Got answer (87 bytes): > HEADER: > opcode = QUERY, id = 9424, rcode = NXDOMAIN > header flags: response, auth. answer, want recursion > questions = 1, answers = 0, authority records = 1, additional = 0 > > QUESTIONS: > server1.eur.dcn.domain1.mil, type = A, class = IN > AUTHORITY RECORDS: > -> eur.dcn.domain1.mil > type = SOA, class = IN, dlen = 36 > ttl = 86400 (1D) > origin = dns-e1.eur.dcn.domain1.mil > mail addr = root.dns-e1.eur.dcn.domain1.mil > serial = 2010010803 > refresh = 86400 (1D) > retry = 7200 (2H) > expire = 1728000 (1728000) > minimum ttl = 86400 (1D) > > ------------ > ;; res_nmkquery(QUERY, server1.conus.dcn.domain1.mil, IN, A) > ------------ > SendRequest(), len 41 > HEADER: > opcode = QUERY, id = 9425, rcode = NOERROR > header flags: query, want recursion > questions = 1, answers = 0, authority records = 0, additional = 0 > > QUESTIONS: > server1.conus.dcn.domain1.mil, type = A, class = IN > > ------------ > ------------ > Got answer (41 bytes): > HEADER: > opcode = QUERY, id = 9425, rcode = SERVFAIL > header flags: response, want recursion > questions = 1, answers = 0, authority records = 0, additional = 0 > > QUESTIONS: > server1.conus.dcn.domain1.mil, type = A, class = IN > > ------------ > ;; res_nmkquery(QUERY, server1, IN, A) > ------------ > SendRequest(), len 22 > HEADER: > opcode = QUERY, id = 9426, rcode = NOERROR > header flags: query, want recursion > questions = 1, answers = 0, authority records = 0, additional = 0 > > QUESTIONS: > server1, type = A, class = IN > > ------------ > ------------ > Got answer (22 bytes): > HEADER: > opcode = QUERY, id = 9426, rcode = REFUSED > header flags: response, want recursion > questions = 1, answers = 0, authority records = 0, additional = 0 > > QUESTIONS: > server1, type = A, class = IN > > ------------ > *** dns-e1.eur.dcn.domain1.mil can't find server1: Query refused >> exit > > > > > _______________________________________________ > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
