Skunk Worx wrote:
Paul Howarth wrote:
On Mon, 2005-08-22 at 12:58 -0700, Skunk Worx wrote:
Paul Howarth wrote:
On Sun, 2005-08-21 at 16:54 -0700, Skunk Worx wrote:
My FC3 local caching DNS is placing the AUTHORITY section in the
responses. I think this exceeds a certain size threshold and I get
this :
# dig @10.0.0.2 www.wikipedia.org
;; Truncated, retrying in TCP mode.
When I go directly to my ISP's dns, it is fine, I assume because
there is no lengthy AUTHORITY section in their reply.
What lengthy AUTHORITY section? I'm getting just this:
;; flags: qr rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 3, ADDITIONAL: 3
So far I always get back AUTHORITY: 13 from my local caching DNS with
lines in the form of :
. 28240 IN NS A.ROOT-SERVERS.NET.
If I make an empty root.hints file I get SERVFAIL. If I try trimming
down the root.hints file, or removing it, I get all 13 entries back.
Dig'ing directly to my ISPs DNS returns AUTHORITY: 0 (no list), so
the size of the response is not big enough to trigger the glibc bug.
I've been fooling with the root.hints, zone and conf files and
reviewing the caching DNS howto's (via google) but so far it's all or
nothing (13 AUTHORITY: entries or SERVFAIL).
What's strange about this is that the AUTHORITY section should be
returning the 3 wikipedia.org nameservers, not the root servers.
What do you get for:
$ dig www.wikipedia.org +trace
$ rpm -q bind
Thanks again for your continuing help. I must have some configuration
setting botched to be getting all those root server entries.
--
SW
$ dig www.wikipedia.org +trace
; <<>> DiG 9.2.5 <<>> www.wikipedia.org +trace
;; global options: printcmd
. 38309 IN NS D.ROOT-SERVERS.NET.
. 38309 IN NS E.ROOT-SERVERS.NET.
. 38309 IN NS F.ROOT-SERVERS.NET.
. 38309 IN NS G.ROOT-SERVERS.NET.
. 38309 IN NS H.ROOT-SERVERS.NET.
. 38309 IN NS I.ROOT-SERVERS.NET.
. 38309 IN NS J.ROOT-SERVERS.NET.
. 38309 IN NS K.ROOT-SERVERS.NET.
. 38309 IN NS L.ROOT-SERVERS.NET.
. 38309 IN NS M.ROOT-SERVERS.NET.
. 38309 IN NS A.ROOT-SERVERS.NET.
. 38309 IN NS B.ROOT-SERVERS.NET.
. 38309 IN NS C.ROOT-SERVERS.NET.
;; Received 260 bytes from 10.0.0.2#53(10.0.0.2) in 3 ms
org. 172800 IN NS TLD1.ULTRADNS.NET.
org. 172800 IN NS TLD2.ULTRADNS.NET.
org. 172800 IN NS TLD3.ULTRADNS.org.
org. 172800 IN NS TLD4.ULTRADNS.org.
org. 172800 IN NS TLD5.ULTRADNS.INFO.
org. 172800 IN NS TLD6.ULTRADNS.CO.UK.
;; Received 293 bytes from 128.8.10.90#53(D.ROOT-SERVERS.NET) in 103 ms
wikipedia.org. 86400 IN NS ns2.wikimedia.org.
wikipedia.org. 86400 IN NS ns1.wikimedia.org.
wikipedia.org. 86400 IN NS ns0.wikimedia.org.
;; Received 147 bytes from 204.74.112.1#53(TLD1.ULTRADNS.NET) in 20 ms
www.wikipedia.org. 3600 IN CNAME rr.wikimedia.org.
rr.wikimedia.org. 600 IN CNAME rr.pmtpa.wikimedia.org.
rr.pmtpa.wikimedia.org. 3600 IN A 207.142.131.248
rr.pmtpa.wikimedia.org. 3600 IN A 207.142.131.204
rr.pmtpa.wikimedia.org. 3600 IN A 207.142.131.210
rr.pmtpa.wikimedia.org. 3600 IN A 207.142.131.246
rr.pmtpa.wikimedia.org. 3600 IN A 207.142.131.235
rr.pmtpa.wikimedia.org. 3600 IN A 207.142.131.213
rr.pmtpa.wikimedia.org. 3600 IN A 207.142.131.245
rr.pmtpa.wikimedia.org. 3600 IN A 207.142.131.203
rr.pmtpa.wikimedia.org. 3600 IN A 207.142.131.206
rr.pmtpa.wikimedia.org. 3600 IN A 207.142.131.214
rr.pmtpa.wikimedia.org. 3600 IN A 207.142.131.247
rr.pmtpa.wikimedia.org. 3600 IN A 207.142.131.236
rr.pmtpa.wikimedia.org. 3600 IN A 207.142.131.202
rr.pmtpa.wikimedia.org. 3600 IN A 207.142.131.205
;; Received 309 bytes from 145.97.39.158#53(ns2.wikimedia.org) in 168 ms
So that looks OK then.
Is your named configured to resolve things itself, or forward requests
to your ISP's server? Whatever it is, trying the other option might work
around the issue for the time being.
Paul.