RE: Host/nslookup/dig queries wrong server
I just verified this bug on a new install of Centos 5.4 I then downloaded the source bind-9.3.6-P1.tar.gz And built it with ./configure --with-openssl --prefix=/usr --sysconfdir=/etc --localstatedir=/var/named make Even without actually installing it (just running host from the build area) I can see the host command built from source works correctly. Not sure how Redhat have managed to break it. Duncan ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: Host/nslookup/dig queries wrong server
I'm assuming you downloaded the ISC source rather than RedHat or CentOS. RedHat back ports bug and security fixes from later BIND versions into their BIND 9.3.6 implementation (which is why there is extra versioning in their package names). Since CentOS is built from RedHat source and both RHEL5 and CentOS5 builds exhibit the bug it means the issue is in the source. Since OP indicated he has filed bug report with RedHat hopefully they'll address it. RedHat's BIND maintainer has responded in this list before so hopefully he's seeing this thread. -Original Message- From: bind-users-bounces+jlightner=water@lists.isc.org [mailto:bind-users-bounces+jlightner=water@lists.isc.org] On Behalf Of Duncan Berriman Sent: Thursday, February 04, 2010 8:41 AM To: bind-users@lists.isc.org Subject: RE: Host/nslookup/dig queries wrong server I just verified this bug on a new install of Centos 5.4 I then downloaded the source bind-9.3.6-P1.tar.gz And built it with ./configure --with-openssl --prefix=/usr --sysconfdir=/etc --localstatedir=/var/named make Even without actually installing it (just running host from the build area) I can see the host command built from source works correctly. Not sure how Redhat have managed to break it. Duncan ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users Proud partner. Susan G. Komen for the Cure. Please consider our environment before printing this e-mail or attachments. -- CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you. -- ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: Host/nslookup/dig queries wrong server
Thanks adam - Agreed its just host and nslookup, dig is fine. Duncan ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Host/nslookup/dig queries wrong server
I know discussions like this are fun but it took 10 seconds to find the related change in CHANGES. 2616. [bug] 'host' used the nameservers from resolv.conf even when a explicit nameserver was specified. [RT #19852] And it has been applied to these branches. % grep 2616 9.?.x/CHANGES 9.4.x/CHANGES:2616. [bug] 'host' used the nameservers from resolv.conf even 9.5.x/CHANGES:2616. [bug] 'host' used the nameservers from resolv.conf even 9.6.x/CHANGES:2616. [bug] 'host' used the nameservers from resolv.conf even 9.7.x/CHANGES:2616. [bug] 'host' used the nameservers from resolv.conf even % Which correspond to these releases 9.4-ESV, 9.5.2, 9.6.2 and 9.7.0. Note: two of these are in the future so you need to look at the release candidates. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Host/nslookup/dig queries wrong server
On 03.02.10 10:07, Duncan Berriman wrote: In certain versions of linux I have noticed that the host/nslookup and dig command query the wrong server. For instance if the following command is run it should return ;; connection timed out; no servers could be reached # host google.co.uk 123.123.123.1 However on certain versions of linux it decides almost instantly since it can't connect to the server specified it will use the name servers in resolv.conf, in this case that is the local host. # host google.co.uk 123.123.123.1 Using domain server: Name: 127.0.0.1 Address: 127.0.0.1#53 Aliases: [...] there are two host commands, one comes from bind, one from dunnowhere. check which one do you have installed. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. My mind is like a steel trap - rusty and illegal in 37 states. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Host/nslookup/dig queries wrong server
On Wed, Feb 03, 2010 at 11:42:19AM -, Duncan Berriman dun...@dcl.co.uk wrote a message of 75 lines which said: How do I check which one it is? I can't see any option to tell me. which host rpm -q -f `which host` ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: Host/nslookup/dig queries wrong server
# rpm -q -f `which host` bind-utils-9.3.6-4.P1.el5_4.2 Thanks Duncan -Original Message- From: Stephane Bortzmeyer [mailto:bortzme...@nic.fr] Sent: 03 February 2010 13:12 To: Duncan Berriman Cc: 'Matus UHLAR - fantomas'; bind-users@lists.isc.org Subject: Re: Host/nslookup/dig queries wrong server On Wed, Feb 03, 2010 at 11:42:19AM -, Duncan Berriman dun...@dcl.co.uk wrote a message of 75 lines which said: How do I check which one it is? I can't see any option to tell me. which host rpm -q -f `which host` -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: Host/nslookup/dig queries wrong server
You might want to file a bug report with RedHat. I just looked through the notifications I got last year from RedHat regarding various bug and security updates to the bind packages and none of them mention this change. Can others on the list verify the default (non-RedHat) bind-utils package's host command should NOT resolve if server is specified and the specified server doesn't resolv? -Original Message- From: bind-users-bounces+jlightner=water@lists.isc.org [mailto:bind-users-bounces+jlightner=water@lists.isc.org] On Behalf Of Duncan Berriman Sent: Wednesday, February 03, 2010 10:48 AM To: bind-users@lists.isc.org Subject: RE: Host/nslookup/dig queries wrong server Whats odd is FC8,9 and 11 are ok. 10 uses 9.5.1 Centos uses 9.3.6 It appears therefore that Redhat are somehow causing the issue when building certain versions. Thanks for your help proving what it is at least I can look at upgrading or downgrading to solve the issue. -Original Message- From: Lightner, Jeff [mailto:jlight...@water.com] Sent: 03 February 2010 15:37 To: Duncan Berriman; bind-users@lists.isc.org Subject: RE: Host/nslookup/dig queries wrong server Interesting. On checking a CentOS5 and a RHEL5 system I found I had bind-utils-9.3.4-10.P1.el5_3.3 and running host with specifying server did what it should (what you expected). I then updated the CentOS5 to bind-utils-9.3.6-4.P1.el5_4.2 and now have the issue you're talking about so it appears to be an issue with the 9.3.6 as released by RedHat (and Fedora - CentOS uses RedHat sources). -Original Message- From: bind-users-bounces+jlightner=water@lists.isc.org [mailto:bind-users-bounces+jlightner=water@lists.isc.org] On Behalf Of Duncan Berriman Sent: Wednesday, February 03, 2010 10:05 AM To: bind-users@lists.isc.org Subject: RE: Host/nslookup/dig queries wrong server Problem is I am specifying the server on the command line, it is supposed to use only that server, not randomly decide because it can't connect to that server to try any others it feels like. Even the -s option makes no difference. It should even been looking at files or dns Duncan -Original Message- From: Lightner, Jeff [mailto:jlight...@water.com] Sent: 03 February 2010 15:04 To: Duncan Berriman; bind-users@lists.isc.org Subject: RE: Host/nslookup/dig queries wrong server rpm -qa |grep bind Will tell you all the BIND packages you have installed via RPM. The reason commands check resolv.conf in UNIX/Linux is typically due to how you've setup /etc/nsswitch.conf. A line is contained in it similar to the following: hosts: files dns The above line says to first check files (/etc/hosts typically) for the name and if not found there then try to use dns (/etc/resolv.conf defines settings for dns lookups). There are other options for the file such as nis which would say to look at nis. If you don't want to use dns for lookups you can remove dns from the hosts line in nsswitch.conf. Note that lookup commands are often designed specifically for name services so won't necessarily respond from /etc/hosts even if the entry is there. The way to verify it's reading /etc/hosts is to do a ping on it after the lookup. If the ping works and the lookup appeared not to then it means it likely found the answer in /etc/hosts. (HP-UX is an exception - their implementation of nslookup actually retruns entries from /etc/hosts as well.) -Original Message- From: bind-users-bounces+jlightner=water@lists.isc.org [mailto:bind-users-bounces+jlightner=water@lists.isc.org] On Behalf Of Duncan Berriman Sent: Wednesday, February 03, 2010 9:45 AM To: bind-users@lists.isc.org Subject: RE: Host/nslookup/dig queries wrong server # rpm -q -f `which host` bind-utils-9.3.6-4.P1.el5_4.2 Thanks Duncan -Original Message- From: Stephane Bortzmeyer [mailto:bortzme...@nic.fr] Sent: 03 February 2010 13:12 To: Duncan Berriman Cc: 'Matus UHLAR - fantomas'; bind-users@lists.isc.org Subject: Re: Host/nslookup/dig queries wrong server On Wed, Feb 03, 2010 at 11:42:19AM -, Duncan Berriman dun...@dcl.co.uk wrote a message of 75 lines which said: How do I check which one it is? I can't see any option to tell me. which host rpm -q -f `which host` -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users Proud partner. Susan G. Komen for the Cure. Please consider our environment before printing this e-mail or attachments. -- CONFIDENTIALITY NOTICE: This e-mail
RE: Host/nslookup/dig queries wrong server
Now filed as bug 561299 Whats the easiest way to upgrade/downgrade bind and bind utils on Fedora and Centos? Thanks Duncan -Original Message- From: Lightner, Jeff [mailto:jlight...@water.com] Sent: 03 February 2010 15:59 To: Duncan Berriman; bind-users@lists.isc.org Subject: RE: Host/nslookup/dig queries wrong server You might want to file a bug report with RedHat. I just looked through the notifications I got last year from RedHat regarding various bug and security updates to the bind packages and none of them mention this change. Can others on the list verify the default (non-RedHat) bind-utils package's host command should NOT resolve if server is specified and the specified server doesn't resolv? -Original Message- From: bind-users-bounces+jlightner=water@lists.isc.org [mailto:bind-users-bounces+jlightner=water@lists.isc.org] On Behalf Of Duncan Berriman Sent: Wednesday, February 03, 2010 10:48 AM To: bind-users@lists.isc.org Subject: RE: Host/nslookup/dig queries wrong server Whats odd is FC8,9 and 11 are ok. 10 uses 9.5.1 Centos uses 9.3.6 It appears therefore that Redhat are somehow causing the issue when building certain versions. Thanks for your help proving what it is at least I can look at upgrading or downgrading to solve the issue. -Original Message- From: Lightner, Jeff [mailto:jlight...@water.com] Sent: 03 February 2010 15:37 To: Duncan Berriman; bind-users@lists.isc.org Subject: RE: Host/nslookup/dig queries wrong server Interesting. On checking a CentOS5 and a RHEL5 system I found I had bind-utils-9.3.4-10.P1.el5_3.3 and running host with specifying server did what it should (what you expected). I then updated the CentOS5 to bind-utils-9.3.6-4.P1.el5_4.2 and now have the issue you're talking about so it appears to be an issue with the 9.3.6 as released by RedHat (and Fedora - CentOS uses RedHat sources). -Original Message- From: bind-users-bounces+jlightner=water@lists.isc.org [mailto:bind-users-bounces+jlightner=water@lists.isc.org] On Behalf Of Duncan Berriman Sent: Wednesday, February 03, 2010 10:05 AM To: bind-users@lists.isc.org Subject: RE: Host/nslookup/dig queries wrong server Problem is I am specifying the server on the command line, it is supposed to use only that server, not randomly decide because it can't connect to that server to try any others it feels like. Even the -s option makes no difference. It should even been looking at files or dns Duncan -Original Message- From: Lightner, Jeff [mailto:jlight...@water.com] Sent: 03 February 2010 15:04 To: Duncan Berriman; bind-users@lists.isc.org Subject: RE: Host/nslookup/dig queries wrong server rpm -qa |grep bind Will tell you all the BIND packages you have installed via RPM. The reason commands check resolv.conf in UNIX/Linux is typically due to how you've setup /etc/nsswitch.conf. A line is contained in it similar to the following: hosts: files dns The above line says to first check files (/etc/hosts typically) for the name and if not found there then try to use dns (/etc/resolv.conf defines settings for dns lookups). There are other options for the file such as nis which would say to look at nis. If you don't want to use dns for lookups you can remove dns from the hosts line in nsswitch.conf. Note that lookup commands are often designed specifically for name services so won't necessarily respond from /etc/hosts even if the entry is there. The way to verify it's reading /etc/hosts is to do a ping on it after the lookup. If the ping works and the lookup appeared not to then it means it likely found the answer in /etc/hosts. (HP-UX is an exception - their implementation of nslookup actually retruns entries from /etc/hosts as well.) -Original Message- From: bind-users-bounces+jlightner=water@lists.isc.org [mailto:bind-users-bounces+jlightner=water@lists.isc.org] On Behalf Of Duncan Berriman Sent: Wednesday, February 03, 2010 9:45 AM To: bind-users@lists.isc.org Subject: RE: Host/nslookup/dig queries wrong server # rpm -q -f `which host` bind-utils-9.3.6-4.P1.el5_4.2 Thanks Duncan -Original Message- From: Stephane Bortzmeyer [mailto:bortzme...@nic.fr] Sent: 03 February 2010 13:12 To: Duncan Berriman Cc: 'Matus UHLAR - fantomas'; bind-users@lists.isc.org Subject: Re: Host/nslookup/dig queries wrong server On Wed, Feb 03, 2010 at 11:42:19AM -, Duncan Berriman dun...@dcl.co.uk wrote a message of 75 lines which said: How do I check which one it is? I can't see any option to tell me. which host rpm -q -f `which