[prev in list] [next in list] [prev in thread] [next in thread] 

List:       dns-operations
Subject:    Re: [dns-operations] why use different dig version return different result?
From:       Doug Barton <dougb () dougbarton ! email>
Date:       2018-09-10 4:46:04
Message-ID: 64ae1b5d-d0bb-9861-29e2-55117a68999a () dougbarton ! email
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


On 09/09/2018 08:27 PM, Champion Xie wrote:
>
> why  use different dig version return different result?    Request to 
> reach a different server?
>
>
> *./dig xn--j1amh. @212.1.66.247 <http://212.1.66.247>  +edns=1*
> ;; BADVERS, retrying with EDNS version 0.

You apparently missed the above. Newer BIND steps down the EDNS version 
if a higher version fails, and retries. SERVFAIL is the "correct" 
answer, as nsi.uanic.net is apparently not configured for the zone (even 
though it's in the root delegation for it).

Your earlier version of BIND below gave up on the BADVERS error.

> ; <<>> *DiG 9.11.1cn1-P3* <<>> xn--j1amh. @212.1.66.247 
> <http://212.1.66.247> +edns=1
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: *SERVFAIL*, id: 41568
> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> ;; WARNING: recursion requested but not available
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ;; QUESTION SECTION:
> ;xn--j1amh.INA
>
> ;; Query time: 3249 msec
> ;; SERVER: 212.1.66.247#53(212.1.66.247)
> ;; WHEN: Mon Sep 10 11:15:29 CST 2018
> ;; MSG SIZE  rcvd: 38
>
> dig xn--j1amh. @212.1.66.247 <http://212.1.66.247>  +edns=1
>
> ; <<>>*DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6* <<>> xn--j1amh. 
> @212.1.66.247 <http://212.1.66.247> +edns=1
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: *BADVERS*, id: 53766
> ;; flags: qr rd; QUERY: 0, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> ;; WARNING: recursion requested but not available
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ;; Query time: 819 msec
> ;; SERVER: 212.1.66.247#53(212.1.66.247)
> ;; WHEN: Mon Sep 10 11:16:08 2018
> ;; MSG SIZE  rcvd: 23
>
> -- 
> Best Regards!!
> champion_xie
>
>
> _______________________________________________
> dns-operations mailing list
> dns-operations@lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-operations mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations



[Attachment #5 (text/html)]

<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <div class="moz-cite-prefix">On 09/09/2018 08:27 PM, Champion Xie
      wrote:<br>
    </div>
    <blockquote type="cite"
cite="mid:CANsrF0PxYBYGxduK2uXW_ocZ+zYd8S+_9QHMxTbLasC-wa8PVQ@mail.gmail.com">
      <meta http-equiv="content-type" content="text/html; charset=utf-8">
      <div dir="ltr">
        <div dir="ltr">
          <div dir="ltr">
            <div><br>
            </div>
            <div>why  use different dig version return different
              result?    Request to reach a different server?</div>
            <br>
            <div><br>
            </div>
            <div><b>./dig xn--j1amh. @<a href="http://212.1.66.247"
                  moz-do-not-send="true">212.1.66.247</a>  +edns=1</b></div>
            <div>;<font color="#33ff33">; BADVERS, retrying with EDNS
                version 0.</font></div>
          </div>
        </div>
      </div>
    </blockquote>
    <br>
    You apparently missed the above. Newer BIND steps down the EDNS
    version if a higher version fails, and retries. SERVFAIL is the
    "correct" answer, as nsi.uanic.net is apparently not configured for
    the zone (even though it's in the root delegation for it). <br>
    <br>
    Your earlier version of BIND below gave up on the BADVERS error. <br>
    <br>
    <blockquote type="cite"
cite="mid:CANsrF0PxYBYGxduK2uXW_ocZ+zYd8S+_9QHMxTbLasC-wa8PVQ@mail.gmail.com">
      <div dir="ltr">
        <div dir="ltr">
          <div dir="ltr">
            <div>; &lt;&lt;&gt;&gt; <b>DiG 9.11.1cn1-P3</b>
              &lt;&lt;&gt;&gt; xn--j1amh. @<a href="http://212.1.66.247"
                moz-do-not-send="true">212.1.66.247</a> +edns=1</div>
            <div>;; global options: +cmd</div>
            <div>;; Got answer:</div>
            <div>;; -&gt;&gt;HEADER&lt;&lt;- opcode: QUERY, status: <b><font
                  color="#ff0000">SERVFAIL</font></b>, id: 41568</div>
            <div>;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0,
              ADDITIONAL: 1</div>
            <div>;; WARNING: recursion requested but not available</div>
            <div><br>
            </div>
            <div>;; OPT PSEUDOSECTION:</div>
            <div>; EDNS: version: 0, flags:; udp: 4096</div>
            <div>;; QUESTION SECTION:</div>
            <div>;xn--j1amh.<span style="white-space:pre">			</span>IN<span \
style="white-space:pre">	</span>A</div>  <div><br>
            </div>
            <div>;; Query time: 3249 msec</div>
            <div>;; SERVER: 212.1.66.247#53(212.1.66.247)</div>
            <div>;; WHEN: Mon Sep 10 11:15:29 CST 2018</div>
            <div>;; MSG SIZE  rcvd: 38</div>
            <div><br>
            </div>
            <div>dig xn--j1amh. @<a href="http://212.1.66.247"
                moz-do-not-send="true">212.1.66.247</a>  +edns=1<br>
            </div>
            <div><br>
            </div>
            <div>; &lt;&lt;&gt;&gt;<b> DiG
                9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6</b> &lt;&lt;&gt;&gt;
              xn--j1amh. @<a href="http://212.1.66.247"
                moz-do-not-send="true">212.1.66.247</a> +edns=1</div>
            <div>;; global options: +cmd</div>
            <div>;; Got answer:</div>
            <div>;; -&gt;&gt;HEADER&lt;&lt;- opcode: QUERY, status: <b><font
                  color="#ff0000">BADVERS</font></b>, id: 53766</div>
            <div>;; flags: qr rd; QUERY: 0, ANSWER: 0, AUTHORITY: 0,
              ADDITIONAL: 1</div>
            <div>;; WARNING: recursion requested but not available</div>
            <div><br>
            </div>
            <div>;; OPT PSEUDOSECTION:</div>
            <div>; EDNS: version: 0, flags:; udp: 4096</div>
            <div>;; Query time: 819 msec</div>
            <div>;; SERVER: 212.1.66.247#53(212.1.66.247)</div>
            <div>;; WHEN: Mon Sep 10 11:16:08 2018</div>
            <div>;; MSG SIZE  rcvd: 23</div>
            <div><br>
            </div>
            -- <br>
            <div dir="ltr" class="gmail_signature">
              <div>Best Regards!!</div>
              <div>champion_xie</div>
            </div>
          </div>
        </div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
dns-operations mailing list
<a class="moz-txt-link-abbreviated" \
href="mailto:dns-operations@lists.dns-oarc.net">dns-operations@lists.dns-oarc.net</a> \
<a class="moz-txt-link-freetext" \
href="https://lists.dns-oarc.net/mailman/listinfo/dns-operations">https://lists.dns-oarc.net/mailman/listinfo/dns-operations</a>
 dns-operations mailing list
<a class="moz-txt-link-freetext" \
href="https://lists.dns-oarc.net/mailman/listinfo/dns-operations">https://lists.dns-oarc.net/mailman/listinfo/dns-operations</a>
 </pre>
    </blockquote>
    <p><br>
    </p>
  </body>
</html>



_______________________________________________
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-operations mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-operations


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic