RE: RE: what does dig +trace do?

Wed, 31 Aug 2011 01:20:18 -0700 

I believe what is missing the root cache file.  The root cache file would 
something like this.

; <<>> DiG 9.7.4b1-RedHat-9.7.4-0.3.b1.fc14 <<>> +trace valhalla.stsci.edu
;; global options: +cmd
.                       132693  IN      NS      c.root-servers.net.
.                       132693  IN      NS      b.root-servers.net.
.                       132693  IN      NS      j.root-servers.net.
.                       132693  IN      NS      d.root-servers.net.
.                       132693  IN      NS      f.root-servers.net.
.                       132693  IN      NS      a.root-servers.net.
.                       132693  IN      NS      i.root-servers.net.
.                       132693  IN      NS      g.root-servers.net.
.                       132693  IN      NS      h.root-servers.net.
.                       132693  IN      NS      l.root-servers.net.
.                       132693  IN      NS      e.root-servers.net.
.                       132693  IN      NS      m.root-servers.net.
.                       132693  IN      NS      k.root-servers.net.
;; Received 496 bytes from 192.168.0.1#53(192.168.0.1) in 266 ms

The root server would have glue records point to GTLDs, like this
 
edu.                    172800  IN      NS      f.edu-servers.net.
edu.                    172800  IN      NS      a.edu-servers.net.
edu.                    172800  IN      NS      c.edu-servers.net.
edu.                    172800  IN      NS      g.edu-servers.net.
edu.                    172800  IN      NS      d.edu-servers.net.
edu.                    172800  IN      NS      l.edu-servers.net.
;; Received 271 bytes from 198.41.0.4#53(198.41.0.4) in 205 ms

Then the GTLDs would have glue records pointing to nameserver of the domain you 
are trying to trace.

What you are seeing is your local nameservers, it seems to me they don't have 
access to the Internet or a firewall is blocking some of the response or you 
don't have the root cache file to do hints or combination of all the above. Or 
some other issue that not very clear but the trace should start with the 
Internet root name servers.

Gary

________________________________________
From: bind-users-bounces+gladney=stsci....@lists.isc.org 
[bind-users-bounces+gladney=stsci....@lists.isc.org] on behalf of Tom Schmitt 
[tomschm...@gmx.de]
Sent: Wednesday, August 31, 2011 2:18 AM
To: bind-users@lists.isc.org
Subject: Re: RE: what does dig +trace do?

>
> What strikes me as odd is that the first query does return 4 (internal)
> root servers, but no glue records ?

I have no idea why this is this way.

> Given those root name servers, do you have A-records for root[1234] in
> your root zone ?

Yes, of course. From my root-zone:


.  10800   IN      NS      root1.
.  10800   IN      NS      root2.
.  10800   IN      NS      root3.
.  10800   IN      NS      root4.
root1. 10800 IN A 10.111.111.111
root2. 10800 IN A 10.111.112.112
root3. 10800 IN A 10.111.113.113
root4. 10800 IN A 10.111.114.114
com. 10800 IN NS root3.
com. 10800 IN NS root4.


All these records I can query with dig without any problem, but dig +trace 
still fails. :-(


--
NEU: FreePhone - 0ct/min Handyspartarif mit Geld-zurück-Garantie!
Jetzt informieren: http://www.gmx.net/de/go/freephone
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to