Please remember to reply to the mailing list, not the original sender: http://gnudip2.sourceforge.net/#mailinglist
+++++++++ El 22 Apr 2002 a las 21:17, Thilo Bangert escribió: > > On Monday, 22. April 2002 21:03, you wrote: > > Hi, > > Hi > > > > > I just installed GnuDIP 2.3.5 and was toying around and > > adjusting things when it "suddenly" stopped working. I > > couldn't update via web or via tcp... I checked and > > noticed that in fact, I wasn't able to make a > > successful nsupdate even via command line. > > > > I added "-d" to nsupdate and saw that the error message > > said something about not getting a SOA record. > > > > A "host -t soa host.dyndomain.mydomain.com" didn't get > > a SOA record but, as far as I remembered, never did. > > The SOA belongs to dyndomain.mydomain.com not to > > host.dyndomain.mydomain.com. > > > > After a while I remembered I had changed the order of > > the nameserver entries in /etc/resolv.conf in the > > GnuDIP host. > > > > Originally there was a BIND resolver (not the BIND > > authoritative server) and I had put it below a DJB's > > dnscache. > > > > After digging enough I noticed the following. > > > > With the BIND resolver I got the following: > > > # dnsqr any host.dyndomain.mydomain.com > > > 255 host.dyndomain.mydomain.com: > > > 97 bytes, 1+0+1+0 records, response, authoritative, nxdomain > > > query: 255 host.dyndomain.mydomain.com > > > authority: dyndomain.mydomain.com 10 SOA ns1.dyndomain.mydomain.com > > > hostmaster.dyndomain.mydomain.com 2002042214 10800 3600 3600000 10 > > > > And with DJB's dnscache: > > > # dnsqr any host.dyndomain.mydomain.com > > > 255 host.dyndomain.mydomain.com: > > > 41 bytes, 1+0+0+0 records, response, authoritative, nxdomain > > > query: 255 host.dyndomain.mydomain.com > > > > Note that BIND includes an authority section for > > whoever has authority to that domain, whereas dnscache > > does not. > > > > The point is, if you are using nsupdate, you CAN'T > > resolve via dnscache. > > why do you conclude that? i can't seem to follow you... > 192.168.1.2 is running dnscache 192.168.1.99 is running bind 8.2.3 (cache only) /etc/resolv.conf has nameserver 192.168.1.2 nameserver 192.168.1.99 > # nsupdate -d -v > > update delete baby.dyn.pertisp.com.ar. in a > > > Reply from SOA query: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49055 > ;; flags: qr rd ra ; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 > ;; QUESTION SECTION: > ;baby.dyn.pertisp.com.ar. IN SOA > > > response to SOA query didn't contain an SOA > # nsupdate doesn't work and complains that a response to SOA query didn't contain an SOA. Here's dnscache log: 2002-04-22 16:54:53.404173500 query 28856 192.168.1.7:32834:49055 soa baby.dyn.pertisp.com.ar. 2002-04-22 16:54:53.404179500 cached ns pertisp.com.ar. ns1.pertisp.com.ar. 2002-04-22 16:54:53.404182500 cached ns pertisp.com.ar. ns2.pertisp.com.ar. 2002-04-22 16:54:53.404184500 cached a ns1.pertisp.com.ar. 2002-04-22 16:54:53.404186500 cached a ns2.pertisp.com.ar. 2002-04-22 16:54:53.404188500 tx 0 soa baby.dyn.pertisp.com.ar. pertisp.com.ar. 200.49.76.6 200.49.76.6 200.49.76.34 2002-04-22 16:54:53.406347500 nodata 200.49.76.6 10 6 baby.dyn.pertisp.com.ar. If you look at what the query for "ANY" answers, you get: > # dnsqr any baby.dyn.pertisp.com.ar > 255 baby.dyn.pertisp.com.ar: > 57 bytes, 1+1+0+0 records, response, noerror > query: 255 baby.dyn.pertisp.com.ar > answer: baby.dyn.pertisp.com.ar 5 A 1.2.3.4 Now I flip the order in /etc/resolv.conf: nameserver 192.168.1.99 nameserver 192.168.1.2 > # nsupdate -d -v > > update delete baby.dyn.pertisp.com.ar. in a > > > Reply from SOA query: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24278 > ;; flags: qr aa rd ra ; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 > ;; QUESTION SECTION: > ;baby.dyn.pertisp.com.ar. IN SOA > > ;; AUTHORITY SECTION: > dyn.pertisp.com.ar. 10 IN SOA ns1.pertisp.com.ar. >hostmaster.pert.com.ar. 2002042215 10800 3600 3600000 10 > > > Found zone name: dyn.pertisp.com.ar > The master is: ns1.pertisp.com.ar > > Reply from update query: > ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 10966 > ;; flags: qr ra ; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 > > > update add baby.dyn.pertisp.com.ar. 5 in a 1.2.3.4 > > > Reply from SOA query: > ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55227 > ;; flags: qr aa rd ra ; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 > ;; QUESTION SECTION: > ;baby.dyn.pertisp.com.ar. IN SOA > > ;; AUTHORITY SECTION: > dyn.pertisp.com.ar. 10 IN SOA ns1.pertisp.com.ar. >hostmaster.pert.com.ar. 2002042216 10800 3600 3600000 10 > > > Found zone name: dyn.pertisp.com.ar > The master is: ns1.pertisp.com.ar > > Reply from update query: > ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 49272 > ;; flags: qr ra ; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 > > > Destroy DST lib > Detach from entropy > # BIND is only logging the query: 22-Apr-2002 17:01:59.615 queries: info: XX+/192.168.1.7/baby.dyn.pertisp.com.ar/ANY/IN However, if now I check via dnsqr: > # dnsqr any baby.dyn.pertisp.com.ar > 255 baby.dyn.pertisp.com.ar: > 91 bytes, 1+1+1+1 records, response, authoritative, noerror > query: 255 baby.dyn.pertisp.com.ar > answer: baby.dyn.pertisp.com.ar 5 A 1.2.3.4 > authority: dyn.pertisp.com.ar 7200 NS ns1.pertisp.com.ar > additional: ns1.pertisp.com.ar 7200 A 200.49.76.6 I can see that BIND sent an additional AUTHORITY section which I guess is what nsupdate is looking for. DJB's dnscache never sent that section. -- GnuDIP Mailing List http://gnudip2.sourceforge.net/#mailinglist
