> trying to resolve www.microsoft.com or microsoft.com results in a > "connection timed out; no servers could be reached"
Well, for what it's worth - it's not just you having that issue. When testing from home and from work I get the same. Of course, I could be doing something wrong, but whenever I see an error I like to imagine it's somebody elses fault :D One of the nameservers for microsoft.com is ns1.msft.net with an IP address of 65.55.37.62. For some reason the response I get from it is truncated, and retrying using TCP doesn't work. Using EDNS0 also doesn't seem to work, I get FORMERR back: [eiv...@vimes ~]$ /usr/local/bin/dig any microsoft.com @65.55.37.62 ;; Truncated, retrying in TCP mode. ; <<>> DiG 9.7.2-P2 <<>> any microsoft.com @65.55.37.62 ;; global options: +cmd ;; connection timed out; no servers could be reached [eiv...@vimes ~]$ /usr/local/bin/dig +edns=0 any microsoft.com @65.55.37.62 ; <<>> DiG 9.7.2-P2 <<>> +edns=0 any microsoft.com @65.55.37.62 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: FORMERR, id: 6660 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;microsoft.com. IN ANY ;; Query time: 205 msec ;; SERVER: 65.55.37.62#53(65.55.37.62) ;; WHEN: Tue Dec 28 09:10:55 2010 ;; MSG SIZE rcvd: 42 [eiv...@vimes ~]$ Doing queries that give shorter answers work fine - look at these, notice the big (but still small enough) TXT reply, and then see how it fails on a query for "any": [eiv...@vimes ~]$ /usr/local/bin/dig +short any www.microsoft.com @65.55.37.62 toggle.www.ms.akadns.net. [eiv...@vimes ~]$ /usr/local/bin/dig +short mx www.microsoft.com @65.55.37.62 toggle.www.ms.akadns.net. [eiv...@vimes ~]$ /usr/local/bin/dig +short mx microsoft.com @65.55.37.62 10 mail.messaging.microsoft.com. [eiv...@vimes ~]$ /usr/local/bin/dig +short txt microsoft.com @65.55.37.62 "v=spf1 mx include:_spf-a.microsoft.com include:_spf-b.microsoft.com include:_spf-c.microsoft.com include:_spf-ssg-a.microsoft.com ip4:131.107.115.212 ip4:131.107.115.215 ip4:131.107.115.214 ip4:205.248.106.64 ip4:205.248.106.30 ip4:205.248.106.32 ~all" "FbUF6DbkE+Aw1/wi9xgDi8KVrIIZus5v8L6tbIQZkGrQ/rVQKJi8CjQbBtWtE64ey4NJJwj5J65PIggVYNabdQ==" [eiv...@vimes ~]$ /usr/local/bin/dig +short any microsoft.com @65.55.37.62 ;; Truncated, retrying in TCP mode. ;; connection timed out; no servers could be reached [eiv...@vimes ~]$ And in general, I don't have problems with EDNS0 or using TCP to look up other domains with big replies, for example I can use both both of these commands just fine: /usr/local/bin/dig +edns=0 any se. @a.ns.se /usr/local/bin/dig +vc any se. @a.ns.se So, to recap: at the risk of showing what a fool I am by doing something completely wrong here, I'm betting Microsoft has messed up their DNS - I would have expected queries over TCP to work, and I would not have expected EDNS to give a FORMERR (but ok, if a nameserver doesn't implement EDNS, giving a FORMERR is apparantly the right thing to do). _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
