Mailing List ecs-isp@2rosenthals.com Archived Message #494 previous message next message back to list

From: "Lewis G Rosenthal" <ecs-isp@2rosenthals.com> Full Headers
Undecoded message
Subject: Re: [eCS-ISP] Odd dig behavior
Date: Mon, 22 May 2023 12:02:12 -0400
To: eCS ISP Mailing List <ecs-isp@2rosenthals.com>

Hi...

This intrigued me, but I was otherwise occupied yesterday.

On 05/21/23 12:14 pm, Steven Levine wrote:
Hi all,

As some of you know, Peter Moylan is working on DNS issues with his
pmoylan.org domain.  While doing some testing with dig, I ran into some
unexpected behaviors which I would like others to double check.
Currently, I have DiG 9.11.28 installed.

[d:\tmp]dig  +nssearch  pmoylan.org

reports

couldn't get address for 'ns1.wiz.net.au': failure
couldn't get address for 'ns2.wiz.net.au': failure
D:\usr2\bin\dig.exe: couldn't get address for 'ns1.wiz.net.au': no more

Do any of you get differing responses?  This command returns expected
results on OpenSuse and lists the SOA records.


{0}[j:\] dig -v
DiG 9.8.1-OS2-9.8.1-1.oc00

{0}[j:\] dig  +nssearch  pmoylan.org
SOA ns1.wiz.net.au. dns.wiz.net.au. 2019030902 10800 3600 604800 300 from server 203.30.197.11 in 213 ms.
SOA ns1.wiz.net.au. dns.wiz.net.au. 2019030902 10800 3600 604800 300 from server 43.229.63.26 in 219 ms.

(Yes, it's old, but it works.)

[d:\tmp]dig +short  pmoylan.org

returns nothing which is expected given the issues Peter is working on.

Ditto.

It should also be noted that:

dig pmoylan.org

returns data from my local DNS, though I can't rightly tell how long that may have been cached.

However, for bind 9.11.36 and 9.11.37, this command hangs.  It can be
killed with top's forced kill (Ctrl-F), but not a normal kill (Ctrl-K).

Do any of you get differing results.

dig.exe from bind 9.12.4 seems work the same as 9.11.28 for these tests.


Interesting hang.

I get the same results (list of servers, nothing short) with 9.16.38 on SuSE 15.4.

Now, while pmoylan.org does not seem to have an A record or a CNAME (or an AAAA), mail.pmoylan.org does have a CNAME record, and this is listed as Peter's primary MX. (It is generally considered not good practice to have an MX record pointing to a CNAME rather than an A, but some systems allow it.) mail.pmoylan.org seems to be a CNAME for pmoylan.duckdns.org. Likewise, ftp.pmoylan.org is another CNAME for the same host.

Now, it is not incorrect for there to not be an A or CNAME pointing to the domain itself (it's just sort of unusual these days).

Without seeing a dump of his zonefile, it's impossible to tell what we should be seeing, but IAC, dig shouldn't hang, so I guess that's the point of this exercise.

--
Lewis
-------------------------------------------------------------
Lewis G Rosenthal, CNA, CLP, CLE, CWTS, EA
Rosenthal & Rosenthal, LLC                www.2rosenthals.com
visit my IT blog                www.2rosenthals.net/wordpress
-------------------------------------------------------------
Subscribe: Feed, Digest, Index.
Unsubscribe
Mail to ListMaster