There was nothing changed on the system since 2012. The behavior changed all of sudden. I am just curious where dig got root servers like " b.root-servers.new.".
On Tue, Feb 3, 2015 at 2:56 PM, Leonard Mills <l...@yahoo.com> wrote: > >Let me take a step back. The original problem is "dig ." > > would give SERVFAIL instead of NOERROR. > >The "." is pointed to named.ca which looks normal. > > Without source code changes to your tools and/or replacement > hints files "." invariably points to the root servers to be used by the > (possibly local) DNS toolset. > > HTH, > Len > > > > On Tuesday, February 3, 2015 11:47 AM, Linux Addict < > linuxaddi...@gmail.com> wrote: > > > Actually I tried +trace from BIND server itself and still get the same > answer. I did "dig . +trace @localhost" > > > ; <<>> DiG 9.7.0-P1 <<>> . +trace @localhost > ;; global options: +cmd > . 346239 IN NS i.root-servers.new. > . 346239 IN NS c.root-servers.new. > . 346239 IN NS b.root-servers.new. > . 346239 IN NS e.root-servers.new. > . 346239 IN NS d.root-servers.new. > . 346239 IN NS l.root-servers.new. > . 346239 IN NS f.root-servers.new. > . 346239 IN NS j.root-servers.new. > . 346239 IN NS h.root-servers.new. > . 346239 IN NS k.root-servers.new. > . 346239 IN NS m.root-servers.new. > . 346239 IN NS g.root-servers.new. > ;; Received 405 bytes from localhost#53(localhost) in 1 ms > > > On Tue, Feb 3, 2015 at 2:19 PM, Lyle Giese <l...@lcrcomputer.net> wrote: > > 172.27.254.11 is giving you that info with the .new name servers. You > need to ask whomever manages that server. > > Look at this line from your +trace output: > > Received 405 bytes from 172.27.254.11#53(172.27.254.11) in 1 ms > > Lyle > > > On 2/3/2015 1:13 PM, Linux Addict wrote: > > Additional info - general: warning: checkhints: unable to find root NS > 'b.root-servers.new' in hints > > I cant seem to find where the ".new" coming from... > > > On Tue, Feb 3, 2015 at 2:07 PM, Linux Addict <linuxaddi...@gmail.com> > wrote: > > The named.ca seems good. > > ;; ANSWER SECTION: > . 518400 IN NS C.ROOT-SERVERS.NET > <http://c.root-servers.net/>. > . 518400 IN NS I.ROOT-SERVERS.NET > <http://i.root-servers.net/>. > . 518400 IN NS F.ROOT-SERVERS.NET > <http://f.root-servers.net/>. > . 518400 IN NS B.ROOT-SERVERS.NET > <http://b.root-servers.net/>. > . 518400 IN NS L.ROOT-SERVERS.NET > <http://l.root-servers.net/>. > . 518400 IN NS D.ROOT-SERVERS.NET > <http://d.root-servers.net/>. > . 518400 IN NS J.ROOT-SERVERS.NET > <http://j.root-servers.net/>. > . 518400 IN NS K.ROOT-SERVERS.NET > <http://k.root-servers.net/>. > . 518400 IN NS E.ROOT-SERVERS.NET > <http://e.root-servers.net/>. > . 518400 IN NS A.ROOT-SERVERS.NET > <http://a.root-servers.net/>. > . 518400 IN NS M.ROOT-SERVERS.NET > <http://m.root-servers.net/>. > . 518400 IN NS G.ROOT-SERVERS.NET > <http://g.root-servers.net/>. > . 518400 IN NS H.ROOT-SERVERS.NET > <http://h.root-servers.net/>. > > > > On Tue, Feb 3, 2015 at 2:02 PM, Lyle Giese <l...@lcrcomputer.net> wrote: > > If I remember right, DIG does not know the root servers and asks the > local host to retrieve that information and a server at 172.27.254.11(which > is RFC 1918 address space) gave you that answer. > > Is your machine/shop setup with private root servers? > > Lyle > > > On 2/3/2015 12:50 PM, Linux Addict wrote: > > I do dig . +trace and the results seem show .new servers. This is > causing SERVFAIL for root query. Any ideas? > > dig . +trace > > ; <<>> DiG 9.7.0-P1 <<>> . +trace > ;; global options: +cmd > . 348510 IN NS b.root-servers.new. > . 348510 IN NS h.root-servers.new. > . 348510 IN NS l.root-servers.new. > . 348510 IN NS f.root-servers.new. > . 348510 IN NS m.root-servers.new. > . 348510 IN NS k.root-servers.new. > . 348510 IN NS i.root-servers.new. > . 348510 IN NS e.root-servers.new. > . 348510 IN NS g.root-servers.new. > . 348510 IN NS j.root-servers.new. > . 348510 IN NS c.root-servers.new. > . 348510 IN NS d.root-servers.new. > ;; Received 405 bytes from 172.27.254.11#53(172.27.254.11) in 1 ms > > ;; connection timed out; no servers could be reached > > > > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing > listbind-us...@lists.isc.orghttps://lists.isc.org/mailman/listinfo/bind-users > > > > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to > unsubscribe from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > > > > > > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to > unsubscribe from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > > > > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to > unsubscribe from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > > >
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users