On 09/01/11 17:56, Tom Schmitt wrote: > > I found the cause of my problem (and a solution): > > dig +trace actually has another behaviour than doing the trace manually step > by step with dig. > > > For a trace, dig is asking for the NS-records, then for the IP-address of the > nameserver found and then go on asking this nameserver. Till the destination > is reached. > > In my case, dig is asking for the nameservers of the root-zone and is getting > the answer: > . IN NS root1 > . IN NS root2 > etc > > Next dig is asking for the A-record of root1. And here is the differrence: > > If I do "dig root1" dig is asking exactly this, it is asking for the A-record > of root1. And of course I get the correct answer from named. > > The +trace option does not do this! > Instead, the +trace-option is using the searchsuffix in the resolv.conf and > is asking for root1.my.search.suffix. and NOT for root1. > This is why the +trace option fails every time. > > After deleting the searchsuffix in resolv.conf, dig +trace is working fine > without any error. > > In my oppinion it's a bug that dig +trace behave in a differrent way than > doing the queries with dig one by one.
No, IMHO, it's a bug in your root zone. Names without dot at end are relative. Change your root zone to say . IN NS root1. . IN NS root2. (with dots appended) and you should be home.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
