Ryan, Have you solved your problem? I have similar problems. I run BIND 9.6..1-P3 on my Solaris 10 and can not resolve anything in domain nyc.gov. One thing I noticed is: BIND 9.3 send query to b.gov-servers.net with no Additional records and got a response with A records for the nyc.gov NS servers in the Additional records; but BIND 9.6 send query with type OPT Additional records and got a response with also a type OPT but no A in the Additional records. So the BIND 9.6 can not find the IP addresses of the nyc.gov NS servers and therefore can not resolve anything in that domain. Using options "max-udp-size 512" and "edns-udp-size 512" does not solve the problem.
The following are the what I captured. Anyone have any suggestions to solve the problem? Shaoquan Lin BIND 9.3 query: Domain Name System (query) Transaction ID: 0x94ca Flags: 0x0000 (Standard query) 0... .... .... .... = Response: Message is a query .000 0... .... .... = Opcode: Standard query (0) .... ..0. .... .... = Truncated: Message is not truncated .... ...0 .... .... = Recursion desired: Don't do query recursively .... .... .0.. .... = Z: reserved (0) .... .... ...0 .... = Non-authenticated data OK: Non-authenticated data is unacceptable Questions: 1 Answer RRs: 0 Authority RRs: 0 Additional RRs: 0 Queries vwall4a.nyc.gov: type A, class IN Name: vwall4a.nyc.gov Type: A (Host address) Class: IN (0x0001) BIND 9.3 response: Domain Name System (response) Transaction ID: 0x94ca Flags: 0x8000 (Standard query response, No error) 1... .... .... .... = Response: Message is a response .000 0... .... .... = Opcode: Standard query (0) .... .0.. .... .... = Authoritative: Server is not an authority for domain .... ..0. .... .... = Truncated: Message is not truncated .... ...0 .... .... = Recursion desired: Don't do query recursively .... .... 0... .... = Recursion available: Server can't do recursive queries .... .... .0.. .... = Z: reserved (0) .... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server .... .... .... 0000 = Reply code: No error (0) Questions: 1 Answer RRs: 0 Authority RRs: 4 Additional RRs: 4 Queries vwall4a.nyc.gov: type A, class IN Name: vwall4a.nyc.gov Type: A (Host address) Class: IN (0x0001) Authoritative nameservers nyc.gov: type NS, class IN, ns vwall1a.nyc.gov Name: nyc.gov Type: NS (Authoritative name server) Class: IN (0x0001) Time to live: 1 day Data length: 10 Name server: vwall1a.nyc.gov nyc.gov: type NS, class IN, ns vwall2a.nyc.gov Name: nyc.gov Type: NS (Authoritative name server) Class: IN (0x0001) Time to live: 1 day Data length: 10 Name server: vwall2a.nyc.gov nyc.gov: type NS, class IN, ns vwall3a.nyc.gov Name: nyc.gov Type: NS (Authoritative name server) Class: IN (0x0001) Time to live: 1 day Data length: 10 Name server: vwall3a.nyc.gov nyc.gov: type NS, class IN, ns vwall4a.nyc.gov Name: nyc.gov Type: NS (Authoritative name server) Class: IN (0x0001) Time to live: 1 day Data length: 10 Name server: vwall4a.nyc.gov Additional records vwall1a.nyc.gov: type A, class IN, addr 161.185.1.3 Name: vwall1a.nyc.gov Type: A (Host address) Class: IN (0x0001) Time to live: 1 day Data length: 4 Addr: 161.185.1.3 vwall2a.nyc.gov: type A, class IN, addr 161.185.1.12 Name: vwall2a.nyc.gov Type: A (Host address) Class: IN (0x0001) Time to live: 1 day Data length: 4 Addr: 161.185.1.12 vwall3a.nyc.gov: type A, class IN, addr 167.153.130.12 Name: vwall3a.nyc.gov Type: A (Host address) Class: IN (0x0001) Time to live: 1 day Data length: 4 Addr: 167.153.130.12 vwall4a.nyc.gov: type A, class IN, addr 167.153.130.13 Name: vwall4a.nyc.gov Type: A (Host address) Class: IN (0x0001) Time to live: 1 day Data length: 4 Addr: 167.153.130.13 BIND 9.6 query: Domain Name System (query) Transaction ID: 0x6427 Flags: 0x0000 (Standard query) 0... .... .... .... = Response: Message is a query .000 0... .... .... = Opcode: Standard query (0) .... ..0. .... .... = Truncated: Message is not truncated .... ...0 .... .... = Recursion desired: Don't do query recursively .... .... .0.. .... = Z: reserved (0) .... .... ...0 .... = Non-authenticated data OK: Non-authenticated data is unacceptable Questions: 1 Answer RRs: 0 Authority RRs: 0 Additional RRs: 1 Queries vwall4a.nyc.gov: type A, class IN Name: vwall4a.nyc.gov Type: A (Host address) Class: IN (0x0001) Additional records <Root>: type OPT Name: <Root> Type: OPT (EDNS0 option) UDP payload size: 512 Higher bits in extended RCODE: 0x0 EDNS0 version: 0 Z: 0x8000 Bit 0 (DO bit): 1 (Accepts DNSSEC security RRs) Bits 1-15: 0x0 (reserved) Data length: 0 BIND 9.6 response: Domain Name System (response) Transaction ID: 0x6427 Flags: 0x8000 (Standard query response, No error) 1... .... .... .... = Response: Message is a response .000 0... .... .... = Opcode: Standard query (0) .... .0.. .... .... = Authoritative: Server is not an authority for domain .... ..0. .... .... = Truncated: Message is not truncated .... ...0 .... .... = Recursion desired: Don't do query recursively .... .... 0... .... = Recursion available: Server can't do recursive queries .... .... .0.. .... = Z: reserved (0) .... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server .... .... .... 0000 = Reply code: No error (0) Questions: 1 Answer RRs: 0 Authority RRs: 6 Additional RRs: 1 Queries vwall4a.nyc.gov: type A, class IN Name: vwall4a.nyc.gov Type: A (Host address) Class: IN (0x0001) Authoritative nameservers nyc.gov: type NS, class IN, ns vwall1a.nyc.gov Name: nyc.gov Type: NS (Authoritative name server) Class: IN (0x0001) Time to live: 1 day Data length: 10 Name server: vwall1a.nyc.gov nyc.gov: type NS, class IN, ns vwall2a.nyc.gov Name: nyc.gov Type: NS (Authoritative name server) Class: IN (0x0001) Time to live: 1 day Data length: 10 Name server: vwall2a.nyc.gov nyc.gov: type NS, class IN, ns vwall3a.nyc.gov Name: nyc.gov Type: NS (Authoritative name server) Class: IN (0x0001) Time to live: 1 day Data length: 10 Name server: vwall3a.nyc.gov nyc.gov: type NS, class IN, ns vwall4a.nyc.gov Name: nyc.gov Type: NS (Authoritative name server) Class: IN (0x0001) Time to live: 1 day Data length: 10 Name server: vwall4a.nyc.gov rq2651faaj4nen6tfis8ju5005qccn8j.gov: type Unknown (50), class IN Name: rq2651faaj4nen6tfis8ju5005qccn8j.gov Type: Unknown (50) Class: IN (0x0001) Time to live: 1 day Data length: 35 Data rq2651faaj4nen6tfis8ju5005qccn8j.gov: type RRSIG, class IN Name: rq2651faaj4nen6tfis8ju5005qccn8j.gov Type: RRSIG (RR signature) Class: IN (0x0001) Time to live: 1 day Data length: 279 Type covered: Unknown (50) Algorithm: Unknown (0x07) Labels: 2 Original TTL: 1 day Signature expiration: Feb 22, 2011 05:00:22.000000000 Time signed: Feb 17, 2011 05:00:22.000000000 Id of signing key(footprint): 47602 Signer's name: gov Signature Additional records <Root>: type OPT Name: <Root> Type: OPT (EDNS0 option) UDP payload size: 1472 Higher bits in extended RCODE: 0x0 EDNS0 version: 0 Z: 0x0 Data length: 0
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
