[ldns-users] drill uses local resolvers

Klaus Darilion klaus.mailinglists at pernau.at
Wed May 18 11:35:14 UTC 2011 

Hi Willem!


# cat /etc/resolv.conf
nameserver 83.136.32.189
nameserver 83.136.32.190



# cat root.key
.       IN      DNSKEY  257 3 8
AwEAAYH7ht0DNAz3M8mmyhbuEMTXAPrUoLNKgUnTo4ELMBfKefUgBrp9+hJ3ThgIu2rfCWAudeGQlGSTAGvpPYwvXdQUXhT1mogDM7bg2yTUgP+XaRNn2GtLEEW5qWgb3LSqkq191bYZO4/ic43I1lfoY4frkv/eccTsLMSByc9iV7N+6Fk93cZnKY5AfeE+kqkSrBYHNkgk43exMBqUXV6XasmxZjv4mMppMHHMYR203KXYqgyEvNwa7T0oS/hsfx0Eygq5jqNmnb4zlYRiu7UfZ9Nw3Z/0H4MJxq5+By2aMM5p6xyapBV/3j5mcYdAPVQcgnYX68y+lxVD8cge93VoBLU=
;{id = 63086 (ksk), size = 2048b}




# cat root.hint
.                        3600000  IN  NS    root.dnssec-test.nic.at.
root.dnssec-test.nic.at.      3600000      A     131.130.200.227




# drill -TD -k root.key -r root.hint ftp.radiopannen.at A

Thus, drill should use the root server from the
file root.key -> 131.130.200.227
Sometimes drill starts with this root hint and switches to the local
resolvers after some time. Sometimes drill even starts with the local
resolver.

tshark trace of what drill is doing:

  9.083159 83.136.32.148 -> 83.136.32.189 DNS Standard query NS <Root>
  9.083490 83.136.32.189 -> 83.136.32.148 DNS Standard query response NS
i.root-servers.net NS l.root-servers.net NS m.root-servers.net NS
c.root-servers.net NS g.root-servers.net NS h.root-servers.net NS
a.root-servers.net NS b.root-servers.net NS d.root-servers.net NS
f.root-servers.net NS e.root-servers.net NS j.root-servers.net NS
k.root-servers.net RRSIG
  9.083734 83.136.32.148 -> 83.136.32.189 DNS Standard query AAAA
l.root-servers.net
  9.124785 83.136.32.189 -> 83.136.32.148 DNS Standard query response
AAAA 2001:500:3::42
  9.124911 83.136.32.148 -> 83.136.32.190 DNS Standard query A
l.root-servers.net
  9.125700 83.136.32.190 -> 83.136.32.148 DNS Standard query response A
199.7.83.42
  9.125948 83.136.32.148 -> 131.130.200.227 DNS Standard query AAAA
b.root-servers.net
  9.127723 131.130.200.227 -> 83.136.32.148 DNS Standard query response,
No such name
  9.127796 83.136.32.148 -> 83.136.32.189 DNS Standard query A
b.root-servers.net
  9.166865 83.136.32.189 -> 83.136.32.148 DNS Standard query response A
192.228.79.201
  9.167098 83.136.32.148 -> 131.130.200.227 DNS Standard query AAAA
f.root-servers.net
  9.168655 131.130.200.227 -> 83.136.32.148 DNS Standard query response,
No such name
  9.168721 83.136.32.148 -> 131.130.200.227 DNS Standard query A
f.root-servers.net
  9.170164 131.130.200.227 -> 83.136.32.148 DNS Standard query response,
No such name
  9.170352 83.136.32.148 -> 83.136.32.189 DNS Standard query AAAA
f.root-servers.net
  9.283713 83.136.32.189 -> 83.136.32.148 DNS Standard query response
AAAA 2001:500:2f::f
  9.283908 83.136.32.148 -> 83.136.32.189 DNS Standard query A
f.root-servers.net
  9.310273 83.136.32.189 -> 83.136.32.148 DNS Standard query response A
192.5.5.241
  9.310579 83.136.32.148 -> 83.136.32.189 DNS Standard query AAAA
j.root-servers.net
  9.310838 83.136.32.189 -> 83.136.32.148 DNS Standard query response
AAAA 2001:503:c27::2:30
  9.310922 83.136.32.148 -> 83.136.32.189 DNS Standard query A
j.root-servers.net
  9.493322 83.136.32.189 -> 83.136.32.148 DNS Standard query response A
192.58.128.30
  9.493618 83.136.32.148 -> 83.136.32.190 DNS Standard query AAAA
k.root-servers.net
  9.494389 83.136.32.190 -> 83.136.32.148 DNS Standard query response
AAAA 2001:7fd::1
  9.494461 83.136.32.148 -> 83.136.32.190 DNS Standard query A
k.root-servers.net
  9.495215 83.136.32.190 -> 83.136.32.148 DNS Standard query response A
193.0.14.129
  9.495403 83.136.32.148 -> 192.5.5.241  DNS Standard query DNSKEY <Root>
  9.678349  192.5.5.241 -> 83.136.32.148 DNS Standard query response
DNSKEY DNSKEY RRSIG
  9.681066 83.136.32.148 -> 128.63.2.53  DNS Standard query DS at
  9.786338  128.63.2.53 -> 83.136.32.148 DNS Standard query response
  9.786711 83.136.32.148 -> 192.58.128.30 DNS Standard query DNSKEY
ftp.radiopannen.at
  9.811558 192.58.128.30 -> 83.136.32.148 DNS Standard query response
  9.811801 83.136.32.148 -> 198.41.0.4   DNS Standard query DS at
  9.851583   198.41.0.4 -> 83.136.32.148 DNS Standard query response
  9.852179 2a02:850:1:1:216:3eff:fe4f:69b7 -> 2001:503:c27::2:30 DNS
Standard query NS at
 10.034797 2001:503:c27::2:30 -> 2a02:850:1:1:216:3eff:fe4f:69b7 DNS
Standard query response
 10.035221 83.136.32.148 -> 193.171.255.2 DNS Standard query DNSKEY at
 10.035966 193.171.255.2 -> 83.136.32.148 DNS Standard query response
 10.036100 83.136.32.148 -> 194.0.10.100 DNS Standard query DS
radiopannen.at
 10.043381 194.0.10.100 -> 83.136.32.148 DNS Standard query response
 10.043501 83.136.32.148 -> 194.146.106.50 DNS Standard query DNSKEY
ftp.radiopannen.at
 10.044135 194.146.106.50 -> 83.136.32.148 DNS Standard query response
 10.044261 83.136.32.148 -> 81.91.161.98 DNS Standard query DS
radiopannen.at
 10.075231 81.91.161.98 -> 83.136.32.148 DNS Standard query response
 10.075433 83.136.32.148 -> 87.233.175.130 DNS Standard query NS
radiopannen.at
 10.113906 87.233.175.130 -> 83.136.32.148 DNS Standard query response
 10.114454 83.136.32.148 -> 195.66.241.82 DNS Standard query AAAA
ns1.world4you.at
 10.161133 195.66.241.82 -> 83.136.32.148 DNS Standard query response
 10.161262 83.136.32.148 -> 81.91.161.98 DNS Standard query A
ns1.world4you.at
 10.192491 81.91.161.98 -> 83.136.32.148 DNS Standard query response
 10.192877 83.136.32.148 -> 83.136.32.190 DNS Standard query AAAA
ns1.world4you.at
 10.198029 83.136.32.190 -> 83.136.32.148 DNS Standard query response
 10.198162 83.136.32.148 -> 83.136.32.190 DNS Standard query A
ns1.world4you.at
 10.202997 83.136.32.190 -> 83.136.32.148 DNS Standard query response A
81.19.145.5
 10.203281 83.136.32.148 -> 81.91.161.98 DNS Standard query AAAA
ns2.world4you.at
 10.234486 81.91.161.98 -> 83.136.32.148 DNS Standard query response
 10.234605 83.136.32.148 -> 87.233.175.130 DNS Standard query A
ns2.world4you.at
 10.272834 87.233.175.130 -> 83.136.32.148 DNS Standard query response
 10.273105 83.136.32.148 -> 83.136.32.190 DNS Standard query AAAA
ns2.world4you.at
 10.278093 83.136.32.190 -> 83.136.32.148 DNS Standard query response
AAAA 2a00:1a68:80a1::d02
 10.278194 83.136.32.148 -> 83.136.32.189 DNS Standard query A
ns2.world4you.at
 10.278469 83.136.32.189 -> 83.136.32.148 DNS Standard query response A
81.19.147.5
 10.278610 83.136.32.148 -> 81.19.147.5  DNS Standard query DNSKEY
radiopannen.at
 10.279060  81.19.147.5 -> 83.136.32.148 DNS Standard query response
 10.279200 83.136.32.148 -> 81.19.147.5  DNS Standard query DS
ftp.radiopannen.at
 10.279666  81.19.147.5 -> 83.136.32.148 DNS Standard query response
 10.279775 83.136.32.148 -> 81.19.145.5  DNS Standard query DNSKEY
ftp.radiopannen.at
 10.283634  81.19.145.5 -> 83.136.32.148 DNS Standard query response
 10.283763 2a02:850:1:1:216:3eff:fe4f:69b7 -> 2a00:1a68:80a1::d02 DNS
Standard query DS ftp.radiopannen.at
 10.284272 2a00:1a68:80a1::d02 -> 2a02:850:1:1:216:3eff:fe4f:69b7 DNS
Standard query response
 10.284411 83.136.32.148 -> 81.19.147.5  DNS Standard query NS
ftp.radiopannen.at
 10.284904  81.19.147.5 -> 83.136.32.148 DNS Standard query response
 10.285017 83.136.32.148 -> 81.19.145.5  DNS Standard query DNSKEY
ftp.radiopannen.at
 10.288602  81.19.145.5 -> 83.136.32.148 DNS Standard query response
 10.288772 83.136.32.148 -> 81.19.147.5  DNS Standard query A
ftp.radiopannen.at
 10.289195  81.19.147.5 -> 83.136.32.148 DNS Standard query response A
81.19.145.146
 32.987231 83.136.32.148 -> 83.136.32.189 DNS Standard query A gucci
 32.987242 83.136.32.148 -> 83.136.32.189 DNS Standard query A gucci
 32.987246 83.136.32.148 -> 83.136.32.189 DNS Standard query AAAA gucci
 32.987278 83.136.32.148 -> 83.136.32.189 DNS Standard query AAAA gucci
 32.989809 83.136.32.189 -> 83.136.32.148 DNS Standard query response,
No such name
 32.989845 83.136.32.189 -> 83.136.32.148 DNS Standard query response,
No such name
 33.028541 83.136.32.189 -> 83.136.32.148 DNS Standard query response,
No such name
 33.028576 83.136.32.189 -> 83.136.32.148 DNS Standard query response,
No such name



regards
Klaus










Am 18.05.2011 11:34, schrieb Willem Toorop:
> Hi Klaus,
> 
> I've not been able to reproduce this. What does your query look like
> exactly? Do you use a trace (-T)?
> 
> With me it doesn't even query the local resolver when I don't use the -r
> option (because of the hard-coded root-servers).
> 
> Best regards, Willem
> 
> On 04/27/11 15:25, Klaus Darilion wrote:
>> Hi!
> 
>> I experienced strange problems with drill 1.6.6 and 1.6.9. Although I
>> specify root servers with -r, sometimes (50% chance) the local
>> configured resolver is asked for a root-server list. With drill 1.6.4
>> this random behavior was not seen yet.
> 
>> Are there any known issues?
> 
>> Thanks
>> Klaus
>> _______________________________________________
>> ldns-users mailing list
>> ldns-users at open.nlnetlabs.nl
>> http://open.nlnetlabs.nl/mailman/listinfo/ldns-users
> 
_______________________________________________
ldns-users mailing list
ldns-users at open.nlnetlabs.nl
http://open.nlnetlabs.nl/mailman/listinfo/ldns-users

More information about the ldns-users mailing list