Re: error (network unreachable)
In message , "ic.nssip" writ es: > > I just enabled querylog (using rndc querylog command) and each first = > query logged it's coming with errors (network unreachable) when trying = > to resolve dns servers names. > > Has anyone any idea where from this sort of message is coming from and = > what should I do to get it fixed? You should turn on IPv6. The messages are the result of named trying to query nameservers using IPv6 but as you don't have a IPv6 route to these servers the OS returns a error message saying that it couldn't send the message and named moves onto the next server. Alternatively you can disable the use of IPv6 with "named -4". Mark > Thank you, > Julian -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
dig +trace to find all the forwarders?
Hi all, I am trying to trace a recursive outbound query. My workstation is configured to point to the forwarder/resolver 192.168.0.2, which is a dedicated forwarder that is configured to forward all DNS queries to the ISP's DNS resolver. Sometimes I get name resolution failures, and I want to know if it is the ISP's DNS resolver is forwarding recursive queries to yet another server... when using 'dig example.com +trace', it only shows the recursive lookup starting at the root domain, instead of showing from my 192.168.0.2 -> ISP -> ? -> root name servers. Is there any way to discover all the forwarders/resolvers along the way before my query hits one of the root name servers? Or is that an impossible feat unless I have administrative access to each of the resolvers/forwarders to look at its configuration? Thanks in advance. -Josh ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: dig +trace to find all the forwarders?
In message , Jo sh Kuo writes: > Hi all, > > I am trying to trace a recursive outbound query. My workstation is > configured to point to the forwarder/resolver 192.168.0.2, which is a > dedicated forwarder that is configured to forward all DNS queries to the > ISP's DNS resolver. Sometimes I get name resolution failures, and I want to > know if it is the ISP's DNS resolver is forwarding recursive queries to yet > another server... when using 'dig example.com +trace', it only shows the > recursive lookup starting at the root domain, instead of showing from my > 192.168.0.2 -> ISP -> ? -> root name servers. > > Is there any way to discover all the forwarders/resolvers along the way > before my query hits one of the root name servers? Or is that an impossible > feat unless I have administrative access to each of the resolvers/forwarders > to look at its configuration? You need administrative access to see the overides to the normal resolution process. Mark > Thanks in advance. > > -Josh -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: dig +trace to find all the forwarders?
> > You need administrative access to see the overides to the normal resolution > process. > > Just so I understand this completely, by administrative access you mean I need to be able to log in to each of the resolvers (not administrative access on my local workstation to do a 'sudo dig example.net a +trace'), correct? A follow up question to that... is it even possible to perform such a trace (revealing all resolvers) with the DNS protocol? Or is this purely a designed limitation of dig? ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: dig +trace to find all the forwarders?
In message , Jo sh Kuo writes: > > You need administrative access to see the overides to the normal resolution > > process. > > > > > Just so I understand this completely, by administrative access you mean I > need to be able to log in to each of the resolvers (not administrative > access on my local workstation to do a 'sudo dig example.net a +trace'), > correct? > > A follow up question to that... is it even possible to perform such a trace > (revealing all resolvers) with the DNS protocol? It's impossible. >Or is this purely a designed limitation of dig? -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
