difference in responses between UDP and TCP

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
10 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

difference in responses between UDP and TCP

arun
Hello,

Wondering why we are seeing different serial numbers from a bind authoritative server for requests over UDP and TCP.

dig +tcp soa @ns.example.com example.com +short
ns1.example.com. hostmaster.example.com. 2017061505 10800 3600 3600000 3600

dig +notcp soa @ns.example.com example.com +short
ns1.example.com. hostmaster.example.com. 2017061506 10800 3600 3600000 3600

any idea?

thanks,

--
arun

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: difference in responses between UDP and TCP

Anand Buddhdev
On 15/06/2017 12:20, Arun Natarajan wrote:

> Hello,
>
> Wondering why we are seeing different serial numbers from a bind
> authoritative server for requests over UDP and TCP.
>
> dig +tcp soa @ns.example.com example.com +short
> ns1.example.com. hostmaster.example.com. 2017061505 10800 3600 3600000 3600
>
> dig +notcp soa @ns.example.com example.com +short
> ns1.example.com. hostmaster.example.com. 2017061506 10800 3600 3600000 3600

Perhaps the zone got updated between your queries.

Have you (as one should in a proper experiment) repeated these queries
to demonstrate that this is happening consistently?

If it is happening consistently, then it's possible that you have *two*
DNS servers listening on the server, one on the UDP socket, and another
on the TCP socket, and they're loaded with different zones.

Regards,
Anand
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: difference in responses between UDP and TCP

Tony Finch
In reply to this post by arun
Arun Natarajan <[hidden email]> wrote:
>
> any idea?

Without knowing the server host name and zone name there could be lots of
different reasons, so there isn't really any way to answer.

Tony.
--
f.anthony.n.finch  <[hidden email]>  http://dotat.at/  -  I xn--zr8h punycode
Dover: Southwest 5 to 7, veering west 4 or 5 later. Moderate becoming slight
later. Fog patches at first. Good, occasionally very poor at first.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: difference in responses between UDP and TCP

Reindl Harald
In reply to this post by arun


Am 15.06.2017 um 12:20 schrieb Arun Natarajan:

> Hello,
>
> Wondering why we are seeing different serial numbers from a bind
> authoritative server for requests over UDP and TCP.
>
> dig +tcp soa @ns.example.com <http://ns.example.com> example.com
> <http://example.com> +short
> ns1.example.com <http://ns1.example.com>. hostmaster.example.com
> <http://hostmaster.example.com>. 2017061505 10800 3600 3600000 3600
>
> dig +notcp soa @ns.example.com <http://ns.example.com> example.com
> <http://example.com> +short
> ns1.example.com <http://ns1.example.com>. hostmaster.example.com
> <http://hostmaster.example.com>. 2017061506 10800 3600 3600000 3600
>
> any idea?

what is the purpose to hide anyways public informations especially when
you seek help from others?

http://www.catb.org/esr/faqs/smart-questions.html#beprecise
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: difference in responses between UDP and TCP

Alan Clegg
In reply to this post by arun


On 6/15/17 6:20 AM, Arun Natarajan wrote:

> Hello,
>
> Wondering why we are seeing different serial numbers from a bind
> authoritative server for requests over UDP and TCP.
>
> dig +tcp soa @ns.example.com <http://ns.example.com> example.com
> <http://example.com> +short
> ns1.example.com <http://ns1.example.com>. hostmaster.example.com
> <http://hostmaster.example.com>. 2017061505 10800 3600 3600000 3600
>
> dig +notcp soa @ns.example.com <http://ns.example.com> example.com
> <http://example.com> +short
> ns1.example.com <http://ns1.example.com>. hostmaster.example.com
> <http://hostmaster.example.com>. 2017061506 10800 3600 3600000 3600
>
> any idea?
Twelve.


_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users

signature.asc (859 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: difference in responses between UDP and TCP

Warren Kumari
On Thu, Jun 15, 2017 at 11:13 AM, Alan Clegg <[hidden email]> wrote:

>
>
> On 6/15/17 6:20 AM, Arun Natarajan wrote:
>> Hello,
>>
>> Wondering why we are seeing different serial numbers from a bind
>> authoritative server for requests over UDP and TCP.
>>
>> dig +tcp soa @ns.example.com <http://ns.example.com> example.com
>> <http://example.com> +short
>> ns1.example.com <http://ns1.example.com>. hostmaster.example.com
>> <http://hostmaster.example.com>. 2017061505 10800 3600 3600000 3600
>>
>> dig +notcp soa @ns.example.com <http://ns.example.com> example.com
>> <http://example.com> +short
>> ns1.example.com <http://ns1.example.com>. hostmaster.example.com
>> <http://hostmaster.example.com>. 2017061506 10800 3600 3600000 3600
>>
>> any idea?
>
> Twelve.
>
>
Actually, 1.

$echo "2017061506 - 2017061505" | bc -l
1
$



> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> [hidden email]
> https://lists.isc.org/mailman/listinfo/bind-users



--
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: difference in responses between UDP and TCP

arun
In reply to this post by Anand Buddhdev
Hello Anand,

 Thanks for the response.

Perhaps the zone got updated between your queries.

Have you (as one should in a proper experiment) repeated these queries
to demonstrate that this is happening consistently?

Yes, it is a consistent behaviour. It happens with some of our secondaries.

for example: 
dig +tcp @212.26.18.3 pub.sa 
serial: 2017061804
dig +notcp @212.26.18.3 pub.sa
serial: 2017061805


If it is happening consistently, then it's possible that you have *two*
DNS servers listening on the server, one on the UDP socket, and another
on the TCP socket, and they're loaded with different zones.

To my understanding, they are running bind with one configuration. Will double check anyway.
 
thanks,
arun 

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: difference in responses between UDP and TCP

arun
In reply to this post by Tony Finch
Hello Tony,



Without knowing the server host name and zone name there could be lots of
different reasons, so there isn't really any way to answer.

True, 
 
dig +tcp @212.26.18.3 pub.sa 
serial: 2017061804
dig +notcp @212.26.18.3 pub.sa
serial: 2017061805

--
arun
 

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: difference in responses between UDP and TCP

Reindl Harald

Am 18.06.2017 um 12:12 schrieb Arun Natarajan:

> Hello Tony,
>
>
>
>     Without knowing the server host name and zone name there could be
>     lots of
>     different reasons, so there isn't really any way to answer.
>
> True,
> dig +tcp @212.26.18.3 <http://212.26.18.3> pub.sa <http://pub.sa>
> serial: 2017061804
> dig +notcp @212.26.18.3 <http://212.26.18.3> pub.sa <http://pub.sa>
> serial: 2017061805

no
_____________________________________________________________

[harry@srv-rhsoft:~]$ dig +tcp @212.26.18.3 pub.sa

; <<>> DiG 9.10.4-P8-RedHat-9.10.4-5.P8.fc25 <<>> +tcp @212.26.18.3 pub.sa
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13874
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;pub.sa.                                IN      A

;; AUTHORITY SECTION:
pub.sa.                 3600    IN      SOA     ns1.nic.net.sa.
hostmaster.nic.net.sa. 2017061806 10800 3600 3600000 3600

;; Query time: 125 msec
;; SERVER: 212.26.18.3#53(212.26.18.3)
;; WHEN: So Jun 18 13:42:41 CEST 2017
;; MSG SIZE  rcvd: 94
_____________________________________________________________

[harry@srv-rhsoft:~]$ dig +notcp @212.26.18.3 pub.sa

; <<>> DiG 9.10.4-P8-RedHat-9.10.4-5.P8.fc25 <<>> +notcp @212.26.18.3 pub.sa
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43839
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;pub.sa.                                IN      A

;; AUTHORITY SECTION:
pub.sa.                 3600    IN      SOA     ns1.nic.net.sa.
hostmaster.nic.net.sa. 2017061806 10800 3600 3600000 3600

;; Query time: 118 msec
;; SERVER: 212.26.18.3#53(212.26.18.3)
;; WHEN: So Jun 18 13:42:49 CEST 2017
;; MSG SIZE  rcvd: 94
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: difference in responses between UDP and TCP

arun
In reply to this post by arun
If it is happening consistently, then it's possible that you have *two*
DNS servers listening on the server, one on the UDP socket, and another
on the TCP socket, and they're loaded with different zones.

 
You are right, seems there are two DNS process listening TCP and UDP.  :)
 
To my understanding, they are running bind with one configuration. Will double check anyway.
 

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Loading...