Friday, September 20, 2024

Re: unbound(8) + host(1) + AAAA-only issue

> On 20.09.2024 at 13:08, Otto Moerbeek <otto@drijf.net> wrote:
>
> On Fri, Sep 20, 2024 at 12:45:08PM +0200, Mike Fischer wrote:
>
>>
>>> On 20.09.2024 at 12:13, Stuart Henderson <stu.lists@spacehopper.org> wrote:
>>>
>>> From what you've shown I can only assume the auth servers are broken
>>> and probably refusing to respond for A (rather than an empty NOERROR
>>> response).
>>
>> I agree, that is probably the root cause.
>>
>> So that would cause host(1) to abort looking for other RRsets? Is that not a bug in host(1)?
>>
>> Note: I tried looking at the source code of host(1) but I can't figure out how it works.
>>
>>
>>> AAAA-only is a somewhat rare case and IPv6 has only been supported in
>>> DNS since 2008 or so, it takes time to get the bugs worked out
>>> especially in custom DNS software like is probably used for a dynamic
>>> dns zone.
>>
>> Yes, a mere 18 years is rather new ;-)
>>
>>
>>> If you show the real hostname, maybe someone can figure it out in
>>> more detail.
>>
>> This is an example hostname I created at dynv6.com for the purpose of figuring out this issue:
>> test.fwml42.v6.rocks
>>
>> $ dig +short test.fwml42.v6.rocks aaaa
>> 2001:db8::dead:beaf
>> $ host test.fwml42.v6.rocks
>> Host test.fwml42.v6.rocks not found: 2(SERVFAIL)
>> $
>
> Here host just succeeds with that name (not using unbound as resolver
> but PowerDNS recursor)
>
> $ host test.fwml42.v6.rocks
> test.fwml42.v6.rocks has IPv6 address 2001:db8::dead:beaf
>
> A tip to investigate further: use -v with host (it shows more
> details), don't use +short with dig (it hides useful information).
>
> -Otto

Alright:

$ dig test.fwml42.v6.rocks aaaa
; <<>> dig 9.10.8-P1 <<>> test.fwml42.v6.rocks aaaa
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12016
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;test.fwml42.v6.rocks. IN AAAA

;; ANSWER SECTION:
test.fwml42.v6.rocks. 60 IN AAAA 2001:db8::dead:beaf

;; Query time: 49 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Sep 20 14:00:25 CEST 2024
;; MSG SIZE rcvd: 77

$ host -v test.fwml42.v6.rocks
Trying "test.fwml42.v6.rocks"
Host test.fwml42.v6.rocks not found: 2(SERVFAIL)
Received 38 bytes from 127.0.0.1#53 in 467 ms

$


And for completeness:
$ dig test.fwml42.v6.rocks a

; <<>> dig 9.10.8-P1 <<>> test.fwml42.v6.rocks a
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 15149
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;test.fwml42.v6.rocks. IN A

;; Query time: 287 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Sep 20 14:02:14 CEST 2024
;; MSG SIZE rcvd: 49

$


Mike
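
An added example, not part of the original message: a small Python check that reads dig output per record type and flags a name where one type resolves while another fails outright instead of returning an empty NOERROR (NODATA) response, which is the situation shown above. The function names classify and diagnose are hypothetical, and the sample text is trimmed from the two dig runs in this thread.

```python
import re

# Header and question lines trimmed from the two dig runs shown in this thread.
DIG_AAAA = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12016
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;test.fwml42.v6.rocks. IN AAAA
"""
DIG_A = """\
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 15149
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;test.fwml42.v6.rocks. IN A
"""

STATUS = re.compile(r"status:\s*(\w+)")
ANSWERS = re.compile(r"ANSWER:\s*(\d+)")
QUESTION = re.compile(r"^;(\S+)\s+IN\s+(\S+)\s*$", re.M)

def classify(dig_text):
    """Return (qname, qtype, outcome) for one dig response (hypothetical helper)."""
    status = STATUS.search(dig_text).group(1)
    answers = int(ANSWERS.search(dig_text).group(1))
    qname, qtype = QUESTION.search(dig_text).groups()
    if status == "NOERROR":
        # NOERROR with zero answers is the well-behaved "no such record type" reply.
        outcome = "ANSWER" if answers else "NODATA"
    else:
        outcome = status
    return qname, qtype, outcome

def diagnose(*dig_texts):
    """List names where one type resolves but another type fails outright."""
    by_name = {}
    for text in dig_texts:
        qname, qtype, outcome = classify(text)
        by_name.setdefault(qname, {})[qtype] = outcome
    findings = []
    for qname, types in by_name.items():
        ok = sorted(t for t, o in types.items() if o == "ANSWER")
        bad = sorted(t for t, o in types.items()
                     if o not in ("ANSWER", "NODATA", "NXDOMAIN"))
        if ok and bad:
            findings.append((qname, ok, bad))
    return findings

if __name__ == "__main__":
    for qname, ok, bad in diagnose(DIG_AAAA, DIG_A):
        print(f"{qname} resolves for {ok} but fails for {bad}; expected NODATA")
```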
