Re: How to debug BIND

2014-11-30 Thread Steven Carr
On 30 November 2014 at 01:22, Kaouthar Chetioui kaoutharcheti...@gmail.com wrote: I want to do full debug for BIND I use this command: dig www.example.ma -d What's the problem you are having? What are you expecting to see when you perform a debug? What is the real name you are trying to

Re: How to debug BIND

2014-11-30 Thread Steven Carr
On 30 November 2014 at 11:04, Kaouthar Chetioui kaoutharcheti...@gmail.com wrote: I want to know the exact path that follows bind to resolve a DNS query Please reply to the list not direct. The option you are looking for is +trace and needs to be invoked on the server/system that will be

Re: How to debug BIND

2014-11-30 Thread Kaouthar Chetioui
I have already use +trace it gives me the following answer, like this: global options: +cmd . 518400 IN NS E.ROOT-SERVERS.NET. . 518400 IN NS G.ROOT-SERVERS.NET. . 518400 IN NS D.ROOT-SERVERS.NET. . 518400 IN NS H.ROOT-SERVERS.NET. . 518400 IN NS K.ROOT-SERVERS.NET. . 518400 IN NS

Re: How to debug BIND

2014-11-30 Thread Matus UHLAR - fantomas
On 30.11.14 11:24, Kaouthar Chetioui wrote: I have already use +trace it gives me the following answer, like this: no, it doeas not: global options: +cmd you clearly did not use +trace here. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to

Re: How to debug BIND

2014-11-30 Thread Steven Carr
DIG is used to test/troubleshoot DNS queries. BIND logging is used to troubleshoot the BIND server itself. Which are you trying to debug? Also be mindful that BIND will cache any DNS entries it retrieves for the defined TTLs, so if you dig a second time chances are it's not going to go to the

Re: How to debug BIND

2014-11-30 Thread Alex
Try option (+nodnssec): dig www.example.ma +trace +nodnssec On 11/30/2014 04:40 PM, Matus UHLAR - fantomas wrote: On 30.11.14 11:24, Kaouthar Chetioui wrote: I have already use +trace it gives me the following answer, like this: no, it doeas not: global options: +cmd you clearly did not

Re: How to debug BIND

2014-11-30 Thread Tony Finch
Kaouthar Chetioui kaoutharcheti...@gmail.com wrote: I want to know the exact path that follows bind to resolve a DNS query Try running $ rndc flush $ rndc trace 11 $ dig www.example.ma Then look at named's logs which will give you lots of details about queries, responses, and the parts of BIND

Re: DANE record rejected by named-checkzone

2014-11-30 Thread Adrian (Aad) Offerman
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/04/2014 11:54 PM, Mark Andrews wrote: In message 545954b0.8080...@offerman.com, Adrian (Aad) Offerman writes: named keeps refusing my zone file in which I included a DANE record: [root]# named-checkzone offerman.com db.offerman.com