On 8 September 2013 12:06, Carol Overes <ca...@overes.net> wrote:
> Apologies if my approach was not clear, after Steve's mail. But I tested
> by using dig without the +trace option. I have tested the following from
> an IP, which is accepted via the trusted ACL:
>
> dig @10.10.10.1 www.domain2.com A
> dig @10.10.10.1 domain2.com NS
>
> And directly from the internal DNS server 10.10.10.1:
>
> dig @127.0.0.1 www.domain2.com A
> dig @127.0.0.1 domain2.com NS


In order to help further you're going to have to post real domain
names and the full unmodified output of command+response from dig so
we can see the fully response. Also, if you can, retake the packet
capture and then filter out only DNS packets and upload the capture
somewhere so we can take a look at the packets.

Steve
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to