Mark Andrews writes:
>
> In message <002301cb1362$49ef8db0$ddcea9...@net>, "Nadir Aliyev" writes:
> > Hmm interesting that, sometimes dns query can get normal result.
> >
> > But sometimes not.
> >
> > Its bind bug or godaddy's problems? Any ideas?
> >
> > But interesting that I detected this
In message <002301cb1362$49ef8db0$ddcea9...@net>, "Nadir Aliyev" writes:
> Hmm interesting that, sometimes dns query can get normal result.
>
> But sometimes not.
>
> Its bind bug or godaddy's problems? Any ideas?
>
> But interesting that I detected this problem no goddaddy's servers to.
>
>
Hmm interesting that, sometimes dns query can get normal result.
But sometimes not.
Its bind bug or godaddy's problems? Any ideas?
But interesting that I detected this problem no goddaddy's servers to.
For example from following korean site I cant get normal results.
# nslookup kotra
The nameservers for nourishinteractive.com are BROKEN.
Note the warning message. It's telling you that dig found a error.
If you count the records printed and compare them to the numbers
in the header section you will see that they don't match. Additionally
the server set "tc" when it shouldn't
DNS people,
CentOS 5 BIND rpm (9.3.6-P1-RedHat-9.3.6-4.P1.el5 ) widespread problem
reports for a significant number of domains on amazonaws.com.
+trace fails but "direct" dig returns "valid" data, please look through
the output below since it is shorter than trying to summarize:
[r...@node1
In article ,
Mark Andrews wrote:
> In message <4c229962.9000...@zuka.net>, Dave Filchak writes:
> > Hi all,
> >
> > Is there a way to allow a recursive query from a dynamically allocated
> > IP address? I know that the options statements match list requires an IP
> > address but if the IP add
In message <4c229962.9000...@zuka.net>, Dave Filchak writes:
> Hi all,
>
> Is there a way to allow a recursive query from a dynamically allocated
> IP address? I know that the options statements match list requires an IP
> address but if the IP address I am coming from changes from
> time-to-t
Hi all,
Is there a way to allow a recursive query from a dynamically allocated
IP address? I know that the options statements match list requires an IP
address but if the IP address I am coming from changes from
time-to-time, is there any way I can track that? I use DynDNS but I
cannot put th
You can fake the whole example.com if you don't mind keeping the "real"
entries (e.g. www.example.com) in synch if they happen to change. Maybe
an automated script could look for the changes and apply them to your
version of the zone.
If you're not up to that, it gets ugly. The only method tha
On Jun 23, 2010, at 11:06 PM, Peter Macko wrote:
How can I "fake" a part of domain?
Explanation of what I mean:
- There is example.com domain somewhere on internet (not under my
control) that contains:
www.example.com IP: 1.2.3.4
www2.example.com ...IP: 11.22.33.44
If it is not a local DPI problem then the only other thing
is that domaincontrol.com in using anycast and one or more
of the sites is using using nameservers that don't respond
to EDNS queries or has a firewall that blocks EDNS queries.
Mark
% traceroute -
How can I "fake" a part of domain?
Explanation of what I mean:
- There is example.com domain somewhere on internet (not under my control) that
contains: www.example.com IP: 1.2.3.4www2.example.com ...
IP: 11.22.33.44
- I have local DNS; and for my local network I fake to ha
Am 23.06.2010 22:01, schrieb Hoover Chan:
I have a strange problem where most things are working (i.e. I can query and
get the correct answers from DNS) but a few domains which worked before have
stopped working. Yet, when I go to another DNS server, they do get resolved.
Any pointer to where
I have a strange problem where most things are working (i.e. I can query and
get the correct answers from DNS) but a few domains which worked before have
stopped working. Yet, when I go to another DNS server, they do get resolved.
Any pointer to where I should look first? Get a newer list of roo
Another datapoint:
dig +dnssec @ns33.domaincontrol.com. replacementservices.com.
; <<>> DiG 9.6.0-APPLE-P2 <<>> +dnssec @ns33.domaincontrol.com.
replacementservices.com.
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
silver3:~ carlsen$ dig +dnssec
On Wed, Jun 23, 2010 at 05:25:31PM +0200, Warren Kumari wrote:
> >>
> >> # dig +dnssec @ns33.domaincontrol.com. replacementservices.com.
> >
> > Since it's working quite okay for several locations on here, the
> > problem may be found somewhere in between sites.
> >
> > I personally don't get any f
On Jun 23, 2010, at 2:41 PM, Torsten wrote:
Am Wed, 23 Jun 2010 11:01:29 +0200
schrieb Erwin Lansing :
On Wed, Jun 23, 2010 at 05:51:24PM +1000, Mark Andrews wrote:
In message
,
Piff writes:
Mark,
more than once you have blamed firewal but I have tested without
firewall and NSxx.DOMAINCON
Thank you very much. I will read through that.
Thomas E. Casartello, Jr.
Staff Assistant - Wireless/Linux Administrator
Information Technology
Wilson 105A
Westfield State College
-Original Message-
From: bind-users-bounces+tcasartello=wsc.ma@lists.isc.org
[mailto:bind-users-bounces+tc
On 23.06.10 09:32, Casartello, Thomas wrote:
> Now,
> my network admin has decided to split that space up and is only giving them
> half of that space (a /25.) I need to find a way to allow them to manage
> their address space (207.159.173.0-207.159.173.127, but we want to have
> control over 207.1
Hello,
I'm trying to figure out a problem my network admin caused for me. We give a
certain address space on our network to our computer science academic
department for them to manage. We additionally allow them to manage the
reverse DNS for their address space. We used to give them a full /24 so
On 23.06.10 14:41, Torsten wrote:
> Since it's working quite okay for several locations on here, the
> problem may be found somewhere in between sites.
>
> I personally don't get any failures with the dig statement from above
> no matter how often I try.
>
> Looking at a tracepath the last hop I
Am Wed, 23 Jun 2010 11:01:29 +0200
schrieb Erwin Lansing :
> On Wed, Jun 23, 2010 at 05:51:24PM +1000, Mark Andrews wrote:
> >
> > In message
> > ,
> > Piff writes:
> > > Mark,
> > >
> > > more than once you have blamed firewal but I have tested without
> > > firewall and NSxx.DOMAINCONTROL.COM
On 23.06.2010 / 17:51:24 +1000, Mark Andrews wrote:
>
> In message ,
> Piff
> writes:
> > Mark,
> >
> > more than once you have blamed firewal but I have tested without
> > firewall and NSxx.DOMAINCONTROL.COM do not answer to "dig +dnssec".
>
> Wrong. The nameserver DO answer these queries.
>
On Wed, Jun 23, 2010 at 11:23:51AM +0200, Matus UHLAR - fantomas wrote:
>
> works for me, works for mark... the problem is apparently not on their side.
> I have tried more times when reading this thread. I'm also curious where the
> problem could be.
>
All I know is that "something" changed last
> On Wed, Jun 23, 2010 at 05:51:24PM +1000, Mark Andrews wrote:
> > Wrong. The nameserver DO answer these queries.
On 23.06.10 11:01, Erwin Lansing wrote:
> Right, unfortunately. All is fine on a freshly reloaded bind, but after
> a while no answers are seen. This is on Bind 9.4, 9.5 and 9.6.
Ricardo Oliveira wrote:
> Did anyone configured/hacked bind to reflect the ip address of theĀ
> querying resolver as whoami.ultradns.net is doing?
I'd use scapy[1] and its AnsweringMachine module. It's probably easiest to use
and adapt, although quite slow.
BIND could possibly serve the fea
On Wed, Jun 23, 2010 at 05:51:24PM +1000, Mark Andrews wrote:
>
> In message ,
> Piff
> writes:
> > Mark,
> >
> > more than once you have blamed firewal but I have tested without
> > firewall and NSxx.DOMAINCONTROL.COM do not answer to "dig +dnssec".
>
> Wrong. The nameserver DO answer these
In message , Piff
writes:
> Mark,
>
> more than once you have blamed firewal but I have tested without
> firewall and NSxx.DOMAINCONTROL.COM do not answer to "dig +dnssec".
Wrong. The nameserver DO answer these queries.
# dig +dnssec @ns33.domaincontrol.com. replacementservices.com.
; <<>> D
Mark,
more than once you have blamed firewal but I have tested without
firewall and NSxx.DOMAINCONTROL.COM do not answer to "dig +dnssec".
The real problem is bind. Freshly reloaded bind will do a query with
OPT EDNS0 set and after a timeout retry the query without OPT EDNS0
but
after some time
29 matches
Mail list logo
