[swinog] Re: DNS help: named 'end of file resolving' a hostname.

[Benoit Panizzon]

Hi Beat

> May it be this issue? 
> https://gitlab.isc.org/isc-projects/bind9/-/issues/3474

Thank you and all who took the time investigating the issue.

I'm not so sure it's bound to that issue. But nevertheless I now opened
an issue myself. Let's see.

Mit freundlichen Grüssen

-Benoît Panizzon-
-- 
I m p r o W a r e   A G-Leiter Commerce Kunden
__

Zurlindenstrasse 29 Tel  +41 61 826 93 00
CH-4133 PrattelnFax  +41 61 826 93 01
Schweiz Web  http://www.imp.ch
__
___
swinog mailing list -- swinog@lists.swinog.ch
To unsubscribe send an email to swinog-le...@lists.swinog.ch

[swinog] Re: DNS help: named 'end of file resolving' a hostname.

[Beat Siegenthaler]

On 14.10.22 10:51, Benoît Panizzon wrote:

Bind 9.18.4 fails to resolve the A record of: fd19g0409.drive.pro.io


May it be this issue? 
https://gitlab.isc.org/isc-projects/bind9/-/issues/3474


Beat

___
swinog mailing list -- swinog@lists.swinog.ch
To unsubscribe send an email to swinog-le...@lists.swinog.ch

[swinog] Re: DNS help: named 'end of file resolving' a hostname.

[Fabian Wenk]

Hello Benoît

On 14.10.2022 10:51, Benoît Panizzon wrote:

Maybe some of you has already come over that issue and know how to fix.

Bind 9.18.4 fails to resolve the A record of: fd19g0409.drive.pro.io

Bind 9.11.36 works.

Both versions have DNSSEC Validation enabled and connected to a network
not restricting EDNS.


My systems are with bind 9.16 as a local resolver using the root 
nameservers, I get this:


batman:~ # dig fd19g0409.drive.pro.io
;; communications error to ::1#53: timed out
;; communications error to ::1#53: timed out

; <<>> DiG 9.18.7 <<>> fd19g0409.drive.pro.io
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 35861
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 2f7b02654b3c7d3c0100634bd959127589388c126a1d (good)
;; QUESTION SECTION:
;fd19g0409.drive.pro.io.IN  A

;; Query time: 113 msec
;; SERVER: ::1#53(::1) (UDP)
;; WHEN: Sun Oct 16 12:13:45 CEST 2022
;; MSG SIZE  rcvd: 79

batman:~ #

But on the other hand this works (takes a while):
batman:~ # host fd19g0409.drive.pro.io
fd19g0409.drive.pro.io has address 94.126.19.162
fd19g0409.drive.pro.io has IPv6 address 2a00:1128:0:19::162
batman:~ #


Bind Logs:

named[3156696]: end of file resolving '_.drive.pro.io/A/IN': 80.74.143.169#53


I get this (sorry for the long line wrapping):
Oct 16 08:28:48 batman named[63587]: client @0x80f11b758 ::1#40913 
(fd19g0409.drive.pro.io): view internal: query failed (timed out) for 
fd19g0409.drive.pro.io/IN/A at query.c:7375

[... two repeated lines remove ...]
Oct 16 12:13:45 batman named[63587]: client @0x80356e358 ::1#44995 
(fd19g0409.drive.pro.io): view internal: query failed (timed out) for 
fd19g0409.drive.pro.io/IN/A at query.c:7375

[... two repeated lines remove ...]

Lines from a second dig:
Oct 16 12:15:52 batman named[63587]: client @0x807c15d58 ::1#59382 
(fd19g0409.drive.pro.io): view internal: query failed (timed out) for 
fd19g0409.drive.pro.io/IN/A at query.c:7375

[... one repeated lines remove ...]
Oct 16 12:15:52 batman named[63587]: client @0x80f2c2958 ::1#40749 
(fd19g0409.drive.pro.io): view internal: query failed (SERVFAIL) for 
fd19g0409.drive.pro.io/IN/A at query.c:6656



As the 'host' tool was working with a unusual delay using the same 
server, I did try this (default timeout is 5 seconds):


batman:~ # dig fd19g0409.drive.pro.io +timeout=30

; <<>> DiG 9.18.7 <<>> fd19g0409.drive.pro.io +timeout=30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 41879
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 6317be73062799980100634bdf600b277eb7be8c0697 (good)
;; QUESTION SECTION:
;fd19g0409.drive.pro.io.IN  A

;; Query time: 10009 msec
;; SERVER: ::1#53(::1) (UDP)
;; WHEN: Sun Oct 16 12:39:28 CEST 2022
;; MSG SIZE  rcvd: 79

batman:~ #

Same also with 60 seconds timeout. But now host also fails (took 33 and 
on a second try 40 seconds):


batman:~ # host fd19g0409.drive.pro.io
;; connection timed out; no servers could be reached
batman:~ #

Other things work and the answer is instant.

I do not see this problem from some other locations where I use the 
resolver of the ISP or hoster. The answer is instant.


But more strange things, which work fine and instant:

batman:~ # dig -t ns pro.io

; <<>> DiG 9.18.7 <<>> -t ns pro.io
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40826
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 5

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: d7ad19c9d61a7a8a0100634be1c9e9ed83950b13cd10 (good)
;; QUESTION SECTION:
;pro.io.IN  NS

;; ANSWER SECTION:
pro.io. 1430IN  NS  p.dnh.net.
pro.io. 1430IN  NS  ch.pro.io.
pro.io. 1430IN  NS  nl.pro.io.

;; ADDITIONAL SECTION:
ch.pro.io.  1430IN  2a00:1128:1:1::143:169
nl.pro.io.  1430IN  2001:41d0:8:1c8d::
ch.pro.io.  42235   IN  A   80.74.143.169
nl.pro.io.  42235   IN  A   151.80.197.88

;; Query time: 106 msec
;; SERVER: ::1#53(::1) (UDP)
;; WHEN: Sun Oct 16 12:49:45 CEST 2022
;; MSG SIZE  rcvd: 208

batman:~ # dig fd19g0409.drive.pro.io @80.74.143.169

; <<>> DiG 9.18.7 <<>> fd19g0409.drive.pro.io @80.74.143.169
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5649
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;fd19g0409.drive.pro.io.IN  A

;; ANSWER SECTION: