recursive query use tcp ?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

recursive query use tcp ?

Sukmoon Lee
Hello.

My Test DNS is not response for "*.tk".
I looked around then my server not work connect using udp for tk's tld name sever.
But this server is work to using TCP. (below test)

If there is an option on the named server that recursive queries use tcp?
I can't search BIND ARM.

Thanks in Advance.


Regards,
Sukmoon Lee




---------------------------------

$ dig @194.0.38.1 sukmoonlee.tk

; <<>> DiG 9.11.2-P1 <<>> @194.0.38.1 sukmoonlee.tk
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

$ dig @194.0.38.1 sukmoonlee.tk +tcp

; <<>> DiG 9.11.2-P1 <<>> @194.0.38.1 sukmoonlee.tk +tcp
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30919
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 9
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;sukmoonlee.tk.                 IN      A

;; ANSWER SECTION:
sukmoonlee.tk.          300     IN      A       195.20.43.161

;; AUTHORITY SECTION:
tk.                     86400   IN      NS      a.ns.tk.
tk.                     86400   IN      NS      b.ns.tk.
tk.                     86400   IN      NS      c.ns.tk.
tk.                     86400   IN      NS      d.ns.tk.

;; ADDITIONAL SECTION:
a.ns.tk.                10800   IN      A       194.0.38.1
b.ns.tk.                10800   IN      A       194.0.39.1
c.ns.tk.                10800   IN      A       194.0.40.1
d.ns.tk.                10800   IN      A       194.0.41.1
a.ns.tk.                10800   IN      AAAA    2001:678:50::1
b.ns.tk.                10800   IN      AAAA    2001:678:54::1
c.ns.tk.                10800   IN      AAAA    2001:678:58::1
d.ns.tk.                10800   IN      AAAA    2001:678:5c::1

;; Query time: 242 msec
;; SERVER: 194.0.38.1#53(194.0.38.1)
;; WHEN: Mon Apr 08 11:32:40 KST 2019
;; MSG SIZE  rcvd: 301

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: recursive query use tcp ?

Mark Andrews
I suggest that you fix whatever is blocking the UDP queries as the servers
(in Singapore at least) do respond to UDP queries.

% dig @194.0.38.1 sukmoonlee.tk +nsid

; <<>> DiG 9.15.0-dev+hotspot+add-prefetch+marka <<>> @194.0.38.1 sukmoonlee.tk +nsid
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54117
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 9
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
; NSID: 73 69 6e ("sin")
;; QUESTION SECTION:
;sukmoonlee.tk. IN A

;; ANSWER SECTION:
sukmoonlee.tk. 300 IN A 195.20.43.161

;; AUTHORITY SECTION:
tk. 86400 IN NS a.ns.tk.
tk. 86400 IN NS b.ns.tk.
tk. 86400 IN NS c.ns.tk.
tk. 86400 IN NS d.ns.tk.

;; ADDITIONAL SECTION:
a.ns.tk. 10800 IN A 194.0.38.1
b.ns.tk. 10800 IN A 194.0.39.1
c.ns.tk. 10800 IN A 194.0.40.1
d.ns.tk. 10800 IN A 194.0.41.1
a.ns.tk. 10800 IN AAAA 2001:678:50::1
b.ns.tk. 10800 IN AAAA 2001:678:54::1
c.ns.tk. 10800 IN AAAA 2001:678:58::1
d.ns.tk. 10800 IN AAAA 2001:678:5c::1

;; Query time: 136 msec
;; SERVER: 194.0.38.1#53(194.0.38.1)
;; WHEN: Mon Apr 08 14:31:12 AEST 2019
;; MSG SIZE  rcvd: 308

%

That said you can set "tcp-only yes”; in an appropriate server
clause.

Mark

> On 8 Apr 2019, at 2:26 pm, Sukmoon Lee <[hidden email]> wrote:
>
> Hello.
>
> My Test DNS is not response for "*.tk".
> I looked around then my server not work connect using udp for tk's tld name sever.
> But this server is work to using TCP. (below test)
>
> If there is an option on the named server that recursive queries use tcp?
> I can't search BIND ARM.
>
> Thanks in Advance.
>
>
> Regards,
> Sukmoon Lee
>
>
>
>
> ---------------------------------
>
> $ dig @194.0.38.1 sukmoonlee.tk
>
> ; <<>> DiG 9.11.2-P1 <<>> @194.0.38.1 sukmoonlee.tk
> ; (1 server found)
> ;; global options: +cmd
> ;; connection timed out; no servers could be reached
>
> $ dig @194.0.38.1 sukmoonlee.tk +tcp
>
> ; <<>> DiG 9.11.2-P1 <<>> @194.0.38.1 sukmoonlee.tk +tcp
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30919
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 9
> ;; WARNING: recursion requested but not available
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 512
> ;; QUESTION SECTION:
> ;sukmoonlee.tk.                 IN      A
>
> ;; ANSWER SECTION:
> sukmoonlee.tk.          300     IN      A       195.20.43.161
>
> ;; AUTHORITY SECTION:
> tk.                     86400   IN      NS      a.ns.tk.
> tk.                     86400   IN      NS      b.ns.tk.
> tk.                     86400   IN      NS      c.ns.tk.
> tk.                     86400   IN      NS      d.ns.tk.
>
> ;; ADDITIONAL SECTION:
> a.ns.tk.                10800   IN      A       194.0.38.1
> b.ns.tk.                10800   IN      A       194.0.39.1
> c.ns.tk.                10800   IN      A       194.0.40.1
> d.ns.tk.                10800   IN      A       194.0.41.1
> a.ns.tk.                10800   IN      AAAA    2001:678:50::1
> b.ns.tk.                10800   IN      AAAA    2001:678:54::1
> c.ns.tk.                10800   IN      AAAA    2001:678:58::1
> d.ns.tk.                10800   IN      AAAA    2001:678:5c::1
>
> ;; Query time: 242 msec
> ;; SERVER: 194.0.38.1#53(194.0.38.1)
> ;; WHEN: Mon Apr 08 11:32:40 KST 2019
> ;; MSG SIZE  rcvd: 301
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> [hidden email]
> https://lists.isc.org/mailman/listinfo/bind-users

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: [hidden email]

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

RE: recursive query use tcp ?

Sukmoon Lee
I have check that your recommended option works well.
Thank you very much.


08-Apr-2019 14:30:17.867 CQ 127.0.0.1:60997 -> 127.0.0.1:0 UDP 54b sukmoonlee.tk/IN/A
08-Apr-2019 14:30:17.867 RQ 10.0.2.15:53866 -> 192.112.36.4:53 UDP 40b ./IN/NS
08-Apr-2019 14:30:17.867 RQ 10.0.2.15:39398 -> 192.112.36.4:53 UDP 43b tk/IN/NS
08-Apr-2019 14:30:17.926 RR 10.0.2.15:53866 <- 192.112.36.4:53 UDP 56b ./IN/NS
08-Apr-2019 14:30:17.927 RR 10.0.2.15:39398 <- 192.112.36.4:53 UDP 505b tk/IN/NS
08-Apr-2019 14:30:17.926 RQ 10.0.2.15:45621 -> 192.112.36.4:53 TCP 56b ./IN/NS
08-Apr-2019 14:30:17.927 RQ 10.0.2.15:51377 -> 194.0.38.1:53 TCP 43b tk/IN/NS
08-Apr-2019 14:30:18.559 RR 10.0.2.15:51377 <- 194.0.38.1:53 TCP 274b tk/IN/NS
08-Apr-2019 14:30:18.560 RQ 10.0.2.15:45121 -> 192.112.36.4:53 UDP 64b a.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.560 RQ 10.0.2.15:40088 -> 192.112.36.4:53 UDP 64b b.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.561 RQ 10.0.2.15:59965 -> 192.112.36.4:53 UDP 64b c.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.561 RQ 10.0.2.15:48924 -> 192.112.36.4:53 UDP 64b d.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.619 RR 10.0.2.15:40088 <- 192.112.36.4:53 UDP 617b b.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.621 RR 10.0.2.15:59965 <- 192.112.36.4:53 UDP 617b c.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.624 RR 10.0.2.15:45121 <- 192.112.36.4:53 UDP 617b a.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.627 RR 10.0.2.15:48924 <- 192.112.36.4:53 UDP 617b d.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.559 RQ 10.0.2.15:33217 -> 194.0.41.1:53 TCP 54b sukmoonlee.tk/IN/A
08-Apr-2019 14:30:18.621 RQ 10.0.2.15:60200 -> 194.0.40.1:53 TCP 48b c.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.624 RQ 10.0.2.15:39098 -> 194.0.40.1:53 TCP 48b a.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.620 RQ 10.0.2.15:50933 -> 194.0.40.1:53 TCP 48b b.ns.tk/IN/AAAA
08-Apr-2019 14:30:18.627 RQ 10.0.2.15:50889 -> 194.0.40.1:53 TCP 48b d.ns.tk/IN/AAAA
08-Apr-2019 14:30:19.049 RR 10.0.2.15:33217 <- 194.0.41.1:53 TCP 301b sukmoonlee.tk/IN/A
08-Apr-2019 14:30:19.049 CR 127.0.0.1:60997 <- 127.0.0.1:0 UDP 86b sukmoonlee.tk/IN/A
08-Apr-2019 14:30:19.115 RR 10.0.2.15:60200 <- 194.0.40.1:53 TCP 274b c.ns.tk/IN/AAAA
08-Apr-2019 14:30:19.116 RR 10.0.2.15:50933 <- 194.0.40.1:53 TCP 274b b.ns.tk/IN/AAAA
08-Apr-2019 14:30:19.118 RR 10.0.2.15:39098 <- 194.0.40.1:53 TCP 274b a.ns.tk/IN/AAAA

-----Original Message-----
From: Mark Andrews <[hidden email]>
Sent: Monday, April 08, 2019 1:38 PM
To: 이석문님/Core솔루션팀 <[hidden email]>
Cc: [hidden email]
Subject: Re: recursive query use tcp ?

I suggest that you fix whatever is blocking the UDP queries as the servers (in Singapore at least) do respond to UDP queries.

% dig @194.0.38.1 sukmoonlee.tk +nsid

; <<>> DiG 9.15.0-dev+hotspot+add-prefetch+marka <<>> @194.0.38.1 sukmoonlee.tk +nsid ; (1 server found) ;; global options: +cmd ;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54117 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 9 ;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
; NSID: 73 69 6e ("sin")
;; QUESTION SECTION:
;sukmoonlee.tk. IN A

;; ANSWER SECTION:
sukmoonlee.tk. 300 IN A 195.20.43.161

;; AUTHORITY SECTION:
tk. 86400 IN NS a.ns.tk.
tk. 86400 IN NS b.ns.tk.
tk. 86400 IN NS c.ns.tk.
tk. 86400 IN NS d.ns.tk.

;; ADDITIONAL SECTION:
a.ns.tk. 10800 IN A 194.0.38.1
b.ns.tk. 10800 IN A 194.0.39.1
c.ns.tk. 10800 IN A 194.0.40.1
d.ns.tk. 10800 IN A 194.0.41.1
a.ns.tk. 10800 IN AAAA 2001:678:50::1
b.ns.tk. 10800 IN AAAA 2001:678:54::1
c.ns.tk. 10800 IN AAAA 2001:678:58::1
d.ns.tk. 10800 IN AAAA 2001:678:5c::1

;; Query time: 136 msec
;; SERVER: 194.0.38.1#53(194.0.38.1)
;; WHEN: Mon Apr 08 14:31:12 AEST 2019
;; MSG SIZE  rcvd: 308

%

That said you can set "tcp-only yes”; in an appropriate server clause.

Mark

> On 8 Apr 2019, at 2:26 pm, Sukmoon Lee <[hidden email]> wrote:
>
> Hello.
>
> My Test DNS is not response for "*.tk".
> I looked around then my server not work connect using udp for tk's tld name sever.
> But this server is work to using TCP. (below test)
>
> If there is an option on the named server that recursive queries use tcp?
> I can't search BIND ARM.
>
> Thanks in Advance.
>
>
> Regards,
> Sukmoon Lee
>
>
>
>
> ---------------------------------
>
> $ dig @194.0.38.1 sukmoonlee.tk
>
> ; <<>> DiG 9.11.2-P1 <<>> @194.0.38.1 sukmoonlee.tk ; (1 server found)
> ;; global options: +cmd ;; connection timed out; no servers could be
> reached
>
> $ dig @194.0.38.1 sukmoonlee.tk +tcp
>
> ; <<>> DiG 9.11.2-P1 <<>> @194.0.38.1 sukmoonlee.tk +tcp ; (1 server
> found) ;; global options: +cmd ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30919 ;; flags: qr
> aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 9 ;; WARNING:
> recursion requested but not available
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 512
> ;; QUESTION SECTION:
> ;sukmoonlee.tk.                 IN      A
>
> ;; ANSWER SECTION:
> sukmoonlee.tk.          300     IN      A       195.20.43.161
>
> ;; AUTHORITY SECTION:
> tk.                     86400   IN      NS      a.ns.tk.
> tk.                     86400   IN      NS      b.ns.tk.
> tk.                     86400   IN      NS      c.ns.tk.
> tk.                     86400   IN      NS      d.ns.tk.
>
> ;; ADDITIONAL SECTION:
> a.ns.tk.                10800   IN      A       194.0.38.1
> b.ns.tk.                10800   IN      A       194.0.39.1
> c.ns.tk.                10800   IN      A       194.0.40.1
> d.ns.tk.                10800   IN      A       194.0.41.1
> a.ns.tk.                10800   IN      AAAA    2001:678:50::1
> b.ns.tk.                10800   IN      AAAA    2001:678:54::1
> c.ns.tk.                10800   IN      AAAA    2001:678:58::1
> d.ns.tk.                10800   IN      AAAA    2001:678:5c::1
>
> ;; Query time: 242 msec
> ;; SERVER: 194.0.38.1#53(194.0.38.1)
> ;; WHEN: Mon Apr 08 11:32:40 KST 2019
> ;; MSG SIZE  rcvd: 301
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> [hidden email]
> https://lists.isc.org/mailman/listinfo/bind-users

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: [hidden email]

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users