P.S. I think that is an outdated method. It should break DNSSEC. Views from BIND would probably be a better way.
On Fri, Mar 6, 2015 at 3:52 PM, Arthur Ramsey <arthur_ram...@mediture.com> wrote:
> I had to disable DNS ALG on Juniper SRX series firewall.
>
> Thanks for the help,
> Arthur
>
> On 03/06/2015 04:51 PM, Jeff Sadowski wrote:
>>
>> I remember a network engineer that rewrote some DNS entries with a
>> Cisco router replacing w.x.y.z with a.b.c.d
>>
>> On Fri, Mar 6, 2015 at 3:46 PM, Arthur Ramsey
>> <arthur_ram...@mediture.com> wrote:
>>>
>>> I don't think it is views. The same thing happens against Google's
>>> public DNS. The two hosts route to the Internet differently and that
>>> seems to be at the root of the issue somehow.
>>>
>>> [root@dc01 ~]# dig +short ns1.mediture.com
>>> 74.113.249.135
>>> [root@dc01 ~]# dig +short ns2.mediture.com
>>> 107.23.33.118
>>>
>>> [root@dc01 ~]# dig @8.8.8.8 +trace great.truchart.com
>>>
>>> ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6_6.1 <<>> @8.8.8.8 +trace great.truchart.com
>>> ; (1 server found)
>>> ;; global options: +cmd
>>> . 18851 IN NS h.root-servers.net.
>>> . 18851 IN NS c.root-servers.net.
>>> . 18851 IN NS f.root-servers.net.
>>> . 18851 IN NS k.root-servers.net.
>>> . 18851 IN NS j.root-servers.net.
>>> . 18851 IN NS m.root-servers.net.
>>> . 18851 IN NS l.root-servers.net.
>>> . 18851 IN NS a.root-servers.net.
>>> . 18851 IN NS g.root-servers.net.
>>> . 18851 IN NS e.root-servers.net.
>>> . 18851 IN NS b.root-servers.net.
>>> . 18851 IN NS i.root-servers.net.
>>> . 18851 IN NS d.root-servers.net.
>>> ;; Received 228 bytes from 8.8.8.8#53(8.8.8.8) in 144 ms
>>>
>>> com. 172800 IN NS j.gtld-servers.net.
>>> com. 172800 IN NS d.gtld-servers.net.
>>> com. 172800 IN NS k.gtld-servers.net.
>>> com. 172800 IN NS m.gtld-servers.net.
>>> com. 172800 IN NS f.gtld-servers.net.
>>> com. 172800 IN NS c.gtld-servers.net.
>>> com. 172800 IN NS e.gtld-servers.net.
>>> com. 172800 IN NS g.gtld-servers.net.
>>> com. 172800 IN NS a.gtld-servers.net.
>>> com. 172800 IN NS l.gtld-servers.net.
>>> com. 172800 IN NS h.gtld-servers.net.
>>> com. 172800 IN NS i.gtld-servers.net.
>>> com. 172800 IN NS b.gtld-servers.net.
>>> ;; Received 496 bytes from 192.228.79.201#53(192.228.79.201) in 146 ms
>>>
>>> truchart.com. 172800 IN NS ns1.mediture.com.
>>> truchart.com. 172800 IN NS ns2.mediture.com.
>>> ;; Received 113 bytes from 192.52.178.30#53(192.52.178.30) in 129 ms
>>>
>>> great.truchart.com. 3600 IN A 192.168.168.225
>>> truchart.com. 86400 IN NS ns1.mediture.com.
>>> truchart.com. 86400 IN NS ns2.mediture.com.
>>> ;; Received 129 bytes from 107.23.33.118#53(107.23.33.118) in 31 ms
>>>
>>> [root@www02 ~]# dig @8.8.8.8 +trace great.truchart.com
>>>
>>> ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> @8.8.8.8 +trace great.truchart.com
>>> ; (1 server found)
>>> ;; global options: +cmd
>>> . 18813 IN NS h.root-servers.net.
>>> . 18813 IN NS c.root-servers.net.
>>> . 18813 IN NS f.root-servers.net.
>>> . 18813 IN NS k.root-servers.net.
>>> . 18813 IN NS j.root-servers.net.
>>> . 18813 IN NS m.root-servers.net.
>>> . 18813 IN NS l.root-servers.net.
>>> . 18813 IN NS a.root-servers.net.
>>> . 18813 IN NS g.root-servers.net.
>>> . 18813 IN NS e.root-servers.net.
>>> . 18813 IN NS b.root-servers.net.
>>> . 18813 IN NS i.root-servers.net.
>>> . 18813 IN NS d.root-servers.net.
>>> ;; Received 228 bytes from 8.8.8.8#53(8.8.8.8) in 94 ms
>>>
>>> com. 172800 IN NS f.gtld-servers.net.
>>> com. 172800 IN NS b.gtld-servers.net.
>>> com. 172800 IN NS c.gtld-servers.net.
>>> com. 172800 IN NS l.gtld-servers.net.
>>> com. 172800 IN NS m.gtld-servers.net.
>>> com. 172800 IN NS k.gtld-servers.net.
>>> com. 172800 IN NS e.gtld-servers.net.
>>> com. 172800 IN NS j.gtld-servers.net.
>>> com. 172800 IN NS d.gtld-servers.net.
>>> com. 172800 IN NS g.gtld-servers.net.
>>> com. 172800 IN NS a.gtld-servers.net.
>>> com. 172800 IN NS i.gtld-servers.net.
>>> com. 172800 IN NS h.gtld-servers.net.
>>> ;; Received 508 bytes from 192.58.128.30#53(192.58.128.30) in 220 ms
>>>
>>> truchart.com. 172800 IN NS ns1.mediture.com.
>>> truchart.com. 172800 IN NS ns2.mediture.com.
>>> ;; Received 113 bytes from 192.48.79.30#53(192.48.79.30) in 224 ms
>>>
>>> great.truchart.com. 3600 IN A 198.181.115.225
>>> truchart.com. 86400 IN NS ns2.mediture.com.
>>> truchart.com. 86400 IN NS ns1.mediture.com.
>>> ;; Received 129 bytes from 107.23.33.118#53(107.23.33.118) in 32 ms
>>>
>>> [root@www02 ~]# dig +short ns1.mediture.com
>>> 74.113.249.135
>>> [root@www02 ~]# dig +short ns2.mediture.com
>>> 107.23.33.118
>>>
>>> On 03/06/2015 03:54 PM, Lightner, Jeff wrote:
>>>>
>>>> Check where each host thinks the 2 mediture.com name servers are.
>>>>
>>>> I saw an issue recently where I was getting different answers inside my
>>>> organization than I did outside and it turned out that one of the
>>>> subsequent lookups in the trace was being answered differently so the
>>>> final answer was different as a result. (In our case it was because we
>>>> host the same domain separately on both external BIND servers and on
>>>> internal Windows DNS servers.)
>>>>
>>>> It took me a while looking at it to realize what was happening because I
>>>> thought trace always starts at root servers and goes down the outside
>>>> path from there, but what it actually does is start at root servers then
>>>> does lookups for each subsequent domain referenced which often enough
>>>> will be different than the domain you were tracing.
>>>>
>>>> -----Original Message-----
>>>> From: bind-users-boun...@lists.isc.org
>>>> [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Arthur Ramsey
>>>> Sent: Friday, March 06, 2015 4:44 PM
>>>> To: bind-users@lists.isc.org
>>>> Subject: Different answer when querying @server from different clients
>>>>
>>>> I can't figure out why these two hosts resolve great.truchart.com
>>>> differently when querying the authoritative server.
>>>>
>>>> [root@dc01 ~]# dig +trace great.truchart.com @74.113.249.135
>>>>
>>>> ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6_6.1 <<>> +trace great.truchart.com @74.113.249.135
>>>> ;; global options: +cmd
>>>> . 513596 IN NS i.root-servers.net.
>>>> . 513596 IN NS j.root-servers.net.
>>>> . 513596 IN NS f.root-servers.net.
>>>> . 513596 IN NS e.root-servers.net.
>>>> . 513596 IN NS m.root-servers.net.
>>>> . 513596 IN NS l.root-servers.net.
>>>> . 513596 IN NS c.root-servers.net.
>>>> . 513596 IN NS a.root-servers.net.
>>>> . 513596 IN NS g.root-servers.net.
>>>> . 513596 IN NS h.root-servers.net.
>>>> . 513596 IN NS b.root-servers.net.
>>>> . 513596 IN NS d.root-servers.net.
>>>> . 513596 IN NS k.root-servers.net.
>>>> ;; Received 228 bytes from 74.113.249.135#53(74.113.249.135) in 125 ms
>>>>
>>>> com. 172800 IN NS a.gtld-servers.net.
>>>> com. 172800 IN NS b.gtld-servers.net.
>>>> com. 172800 IN NS c.gtld-servers.net.
>>>> com. 172800 IN NS d.gtld-servers.net.
>>>> com. 172800 IN NS e.gtld-servers.net.
>>>> com. 172800 IN NS f.gtld-servers.net.
>>>> com. 172800 IN NS g.gtld-servers.net.
>>>> com. 172800 IN NS h.gtld-servers.net.
>>>> com. 172800 IN NS i.gtld-servers.net.
>>>> com. 172800 IN NS j.gtld-servers.net.
>>>> com. 172800 IN NS k.gtld-servers.net.
>>>> com. 172800 IN NS l.gtld-servers.net.
>>>> com. 172800 IN NS m.gtld-servers.net.
>>>> ;; Received 496 bytes from 198.41.0.4#53(198.41.0.4) in 121 ms
>>>>
>>>> truchart.com. 172800 IN NS ns1.mediture.com.
>>>> truchart.com. 172800 IN NS ns2.mediture.com.
>>>> ;; Received 113 bytes from 192.33.14.30#53(192.33.14.30) in 111 ms
>>>>
>>>> great.truchart.com. 3600 IN A 192.168.168.225
>>>> truchart.com. 86400 IN NS ns2.mediture.com.
>>>> truchart.com. 86400 IN NS ns1.mediture.com.
>>>> ;; Received 129 bytes from 74.113.249.135#53(74.113.249.135) in 3 ms
>>>>
>>>> [root@www02 ~]# dig +trace great.truchart.com @74.113.249.135
>>>>
>>>> ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> +trace great.truchart.com @74.113.249.135
>>>> ;; global options: +cmd
>>>> . 514584 IN NS d.root-servers.net.
>>>> . 514584 IN NS h.root-servers.net.
>>>> . 514584 IN NS l.root-servers.net.
>>>> . 514584 IN NS g.root-servers.net.
>>>> . 514584 IN NS j.root-servers.net.
>>>> . 514584 IN NS m.root-servers.net.
>>>> . 514584 IN NS b.root-servers.net.
>>>> . 514584 IN NS k.root-servers.net.
>>>> . 514584 IN NS a.root-servers.net.
>>>> . 514584 IN NS c.root-servers.net.
>>>> . 514584 IN NS e.root-servers.net.
>>>> . 514584 IN NS f.root-servers.net.
>>>> . 514584 IN NS i.root-servers.net.
>>>> ;; Received 228 bytes from 74.113.249.135#53(74.113.249.135) in 183 ms
>>>>
>>>> com. 172800 IN NS b.gtld-servers.net.
>>>> com. 172800 IN NS f.gtld-servers.net.
>>>> com. 172800 IN NS d.gtld-servers.net.
>>>> com. 172800 IN NS a.gtld-servers.net.
>>>> com. 172800 IN NS g.gtld-servers.net.
>>>> com. 172800 IN NS e.gtld-servers.net.
>>>> com. 172800 IN NS c.gtld-servers.net.
>>>> com. 172800 IN NS k.gtld-servers.net.
>>>> com. 172800 IN NS h.gtld-servers.net.
>>>> com. 172800 IN NS m.gtld-servers.net.
>>>> com. 172800 IN NS i.gtld-servers.net.
>>>> com. 172800 IN NS l.gtld-servers.net.
>>>> com. 172800 IN NS j.gtld-servers.net.
>>>> ;; Received 496 bytes from 202.12.27.33#53(202.12.27.33) in 267 ms
>>>>
>>>> truchart.com. 172800 IN NS ns1.mediture.com.
>>>> truchart.com. 172800 IN NS ns2.mediture.com.
>>>> ;; Received 113 bytes from 192.43.172.30#53(192.43.172.30) in 70 ms
>>>>
>>>> great.truchart.com. 3600 IN A 198.181.115.225
>>>> truchart.com. 86400 IN NS ns2.mediture.com.
>>>> truchart.com. 86400 IN NS ns1.mediture.com.
>>>> ;; Received 129 bytes from 107.23.33.118#53(107.23.33.118) in 31 ms
>>>>
>>>> --
>>>> Arthur Ramsey
>>>> Systems Administrator
>>>> Mediture
>>>> arthur_ram...@mediture.com
>>>> 952.400.0323
>>>>
>>>> This e-mail and any attachments may contain CONFIDENTIAL information,
>>>> including PROTECTED HEALTH INFORMATION. If you are not the intended
>>>> recipient, any use or disclosure of this information is STRICTLY
>>>> PROHIBITED; you are requested to delete this e-mail and any attachments,
>>>> notify the sender immediately, and notify the Mediture Privacy Officer at
>>>> privacyoffi...@mediture.com.
>>>>
>>>> _______________________________________________
>>>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>>>> unsubscribe from this list
>>>>
>>>> bind-users mailing list
>>>> bind-users@lists.isc.org
>>>> https://lists.isc.org/mailman/listinfo/bind-users
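
The comparison made by eye in this thread can be automated. The following is an added example, not code from any poster: it parses the last response block of `dig +trace` output from two vantage points and flags a private address in the answer and disagreement from the same responding server, which points at in-path rewriting (such as a DNS ALG) or views. The function names `final_answer` and `compare` are illustrative, and the sample input is constructed from the traces quoted above.

```python
import ipaddress
import re

# Constructed samples: the last block of each host's `dig @8.8.8.8 +trace`
# output, abridged from the thread above.
TRACES = {
    "dc01": """great.truchart.com. 3600 IN A 192.168.168.225
truchart.com. 86400 IN NS ns1.mediture.com.
;; Received 129 bytes from 107.23.33.118#53(107.23.33.118) in 31 ms
""",
    "www02": """great.truchart.com. 3600 IN A 198.181.115.225
truchart.com. 86400 IN NS ns2.mediture.com.
;; Received 129 bytes from 107.23.33.118#53(107.23.33.118) in 32 ms
""",
}
A_RE = re.compile(r"^(\S+)\s+\d+\s+IN\s+A\s+(\S+)\s*$")
FROM_RE = re.compile(r"^;; Received \d+ bytes from ([0-9A-Fa-f.:]+)#\d+")

def final_answer(trace, qname):
    """Return (responder, sorted A records for qname) from the last
    response block in dig +trace output that carried such records."""
    want, pending, result = qname.rstrip(".").lower(), [], None
    for line in trace.splitlines():
        rec, src = A_RE.match(line), FROM_RE.match(line)
        if rec and rec.group(1).rstrip(".").lower() == want:
            pending.append(rec.group(2))
        elif src:  # ";; Received ..." closes one response block
            if pending:
                result = (src.group(1), sorted(pending))
            pending = []
    return result

def compare(qname, traces):
    """Flag private addresses in answers and per-vantage disagreement
    from the same responding server (in-path rewriting or views)."""
    findings, by_server = [], {}
    for vantage, trace in sorted(traces.items()):
        answer = final_answer(trace, qname)
        if answer is None:
            continue
        server, addrs = answer
        by_server.setdefault(server, {})[vantage] = tuple(addrs)
        for addr in addrs:
            if ipaddress.ip_address(addr).is_private:
                findings.append(f"{vantage}: {qname} -> {addr} is private")
    for server, seen in by_server.items():
        if len(set(seen.values())) > 1:
            findings.append(f"{server} gave different answers: {seen}")
    return findings
```

Calling `compare("great.truchart.com", TRACES)` returns two findings for the sample: the RFC 1918 address seen from dc01, and 107.23.33.118 answering differently for the two hosts.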