[ale] Digg odditiy?

Robert L. Harris robert.l.harris at gmail.com
Fri Jul 1 10:39:21 EDT 2016


Ok, I took a random shot in the dark.  I commented out one line:

   query-source address * port 53;

A quick google found this:
http://www.mpipks-dresden.mpg.de/~mueller/docs/suse10.1/suselinux-manual_en/manual/sec.dns.named.html

I likely had this from back when Comcast was being a PITA when I first set
up here in Colorado.  As soon as I commented out and reloaded, it's
working...


On Thu, Jun 30, 2016 at 2:33 PM Robert L. Harris <robert.l.harris at gmail.com>
wrote:

>
> Yes, if I dig with the cname tag it does resolve:
> {0}:/home/nomad/Dropbox/Charter>dig cname www.dropbox.com
>
> ; <<>> DiG 9.10.3-P4-Ubuntu <<>> cname www.dropbox.com
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9120
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ;; QUESTION SECTION:
> ;www.dropbox.com.               IN      CNAME
>
> ;; ANSWER SECTION:
> www.dropbox.com.        60      IN      CNAME   www.g1.dropbox.com.
>
> ;; AUTHORITY SECTION:
> dropbox.com.            171748  IN      NS      ns-1949.awsdns-51.co.uk.
> dropbox.com.            171748  IN      NS      ns-315.awsdns-39.com.
> dropbox.com.            171748  IN      NS      ns-564.awsdns-06.net.
> dropbox.com.            171748  IN      NS      ns-1162.awsdns-17.org.
>
> ;; ADDITIONAL SECTION:
> ns-315.awsdns-39.com.   172734  IN      A       205.251.193.59
> ns-564.awsdns-06.net.   171748  IN      A       205.251.194.52
> ns-1162.awsdns-17.org.  171748  IN      A       205.251.196.138
> ns-1949.awsdns-51.co.uk. 171749 IN      A       205.251.199.157
>
> ;; Query time: 129 msec
> ;; SERVER: 172.20.0.1#53(172.20.0.1)
> ;; WHEN: Thu Jun 30 14:30:48 MDT 2016
> ;; MSG SIZE  rcvd: 266
>
>
>
>
> I ran another test with a trace and got this:
> http://pastebin.com/uFMvtZhd
>
>
> On Thu, Jun 30, 2016 at 2:21 PM Scott M. Jones <eff at dragoncon.org> wrote:
>
>> www.dropbox.com is a cname.  Have you tried
>>
>> dig cname www.dropbox.com
>>
>> ???
>>
>> scott$ dig cname www.dropbox.com
>>
>> ; <<>> DiG 9.8.3-P1 <<>> cname www.dropbox.com
>> ;; global options: +cmd
>> ;; Got answer:
>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15281
>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>>
>> ;; QUESTION SECTION:
>> ;www.dropbox.com.               IN      CNAME
>>
>> ;; ANSWER SECTION:
>> www.dropbox.com.        55      IN      CNAME   www.g1.dropbox.com.
>>
>> ;; Query time: 42 msec
>> ;; SERVER: 192.168.3.254#53(192.168.3.254)
>> ;; WHEN: Thu Jun 30 16:13:38 2016
>> ;; MSG SIZE  rcvd: 54
>>
>>
>>
>> On 6/30/16 3:18 PM, Robert L. Harris wrote:
>> >
>> > Ok, I know I'm missing something odd here.  I can look up dropbox.com
>> > <http://dropbox.com> but not www.dropbox.com <http://www.dropbox.com>.
>> > It looks like I'm getting a "refused" response from my server.  If I do
>> > the dig against localhost from the server, I get the exact same
>> > results.  I've tried enabling recursion {any;} same with listen ( and
>> > both of their -on values ).
>> >
>> > {0}:/etc/bind>dig dropbox.com <http://dropbox.com>
>> >
>> > ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> dropbox.com <http://dropbox.com
>> >
>> > ;; global options: +cmd
>> > ;; Got answer:
>> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1729
>> > ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 5
>> >
>> > ;; OPT PSEUDOSECTION:
>> > ; EDNS: version: 0, flags:; udp: 4096
>> > ;; QUESTION SECTION:
>> > ;dropbox.com <http://dropbox.com>.                   IN      A
>> >
>> > ;; ANSWER SECTION:
>> > dropbox.com <http://dropbox.com>.            60      IN      A
>> >       108.160.172.238
>> > dropbox.com <http://dropbox.com>.            60      IN      A
>> >       108.160.172.206
>> >
>> > ;; AUTHORITY SECTION:
>> > dropbox.com <http://dropbox.com>.            172535  IN      NS
>> >      ns-315.awsdns-39.com <http://ns-315.awsdns-39.com>.
>> > dropbox.com <http://dropbox.com>.            172535  IN      NS
>> >      ns-564.awsdns-06.net <http://ns-564.awsdns-06.net>.
>> > dropbox.com <http://dropbox.com>.            172535  IN      NS
>> >      ns-1162.awsdns-17.org <http://ns-1162.awsdns-17.org>.
>> > dropbox.com <http://dropbox.com>.            172535  IN      NS
>> >      ns-1949.awsdns-51.co.uk <http://ns-1949.awsdns-51.co.uk>.
>> >
>> > ;; ADDITIONAL SECTION:
>> > ns-315.awsdns-39.com <http://ns-315.awsdns-39.com>.   172535  IN      A
>> >       205.251.193.59
>> > ns-564.awsdns-06.net <http://ns-564.awsdns-06.net>.   172536  IN      A
>> >       205.251.194.52
>> > ns-1162.awsdns-17.org <http://ns-1162.awsdns-17.org>.  172536  IN
>> A
>> >       205.251.196.138
>> > ns-1949.awsdns-51.co.uk <http://ns-1949.awsdns-51.co.uk>. 172536 IN
>> >      A       205.251.199.157
>> >
>> > ;; Query time: 40 msec
>> > ;; SERVER: 172.20.0.1#53(172.20.0.1)
>> > ;; WHEN: Thu Jun 30 13:16:37 MDT 2016
>> > ;; MSG SIZE  rcvd: 273
>> >
>> >
>> > {0}:/etc/bind>dig www.dropbox.com <http://www.dropbox.com>
>> >
>> > ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> www.dropbox.com
>> > <http://www.dropbox.com>
>> > ;; global options: +cmd
>> > ;; Got answer:
>> > ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 1539
>> > ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
>> >
>> > ;; OPT PSEUDOSECTION:
>> > ; EDNS: version: 0, flags:; udp: 4096
>> > ;; QUESTION SECTION:
>> > ;www.dropbox.com <http://www.dropbox.com>.               IN      A
>> >
>> > ;; Query time: 48 msec
>> > ;; SERVER: 172.20.0.1#53(172.20.0.1)
>> > ;; WHEN: Thu Jun 30 13:16:42 MDT 2016
>> > ;; MSG SIZE  rcvd: 44
>> >
>> >
>> > Thoughts?
>> >
>> >
>> >
>> > _______________________________________________
>> > Ale mailing list
>> > Ale at ale.org
>> > http://mail.ale.org/mailman/listinfo/ale
>> > See JOBS, ANNOUNCE and SCHOOLS lists at
>> > http://mail.ale.org/mailman/listinfo
>> >
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20160701/280eeeb1/attachment.html>


More information about the Ale mailing list