[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]
Re: nameserver question

From: tc lewis <tcl bunzy net>
To: Redhat-list <redhat-list redhat com>
Subject: Re: nameserver question
Date: Mon Jul 1 10:39:01 2002
the lookup tools in djbdns are handy for diagnosing ns problems like this.
see http://cr.yp.to/djbdns.html and http://cr.yp.to/djbdns/tools.html for
info on those.

for example, if i wanted to trace a possible path for resolving
216.148.218.195, i might start at a random root:

[tcl jobo tcl]$ dnsq ptr 195.218.148.216.in-addr.arpa b.root-servers.net
12 195.218.148.216.in-addr.arpa:
262 bytes, 1+0+10+0 records, response, noerror
query: 12 195.218.148.216.in-addr.arpa
authority: 216.in-addr.arpa 86400 NS arrowroot.arin.net
authority: 216.in-addr.arpa 86400 NS buchu.arin.net
authority: 216.in-addr.arpa 86400 NS chia.arin.net
authority: 216.in-addr.arpa 86400 NS dill.arin.net
authority: 216.in-addr.arpa 86400 NS epazote.arin.net
authority: 216.in-addr.arpa 86400 NS figwort.arin.net
authority: 216.in-addr.arpa 86400 NS ginseng.arin.net
authority: 216.in-addr.arpa 86400 NS henna.arin.net
authority: 216.in-addr.arpa 86400 NS indigo.arin.net
authority: 216.in-addr.arpa 86400 NS jerk.arin.net

then try one of the referrals:

[tcl jobo tcl]$ dnsq ptr 195.218.148.216.in-addr.arpa arrowroot.arin.net
12 195.218.148.216.in-addr.arpa:
146 bytes, 1+0+4+0 records, response, noerror
query: 12 195.218.148.216.in-addr.arpa
authority: 148.216.in-addr.arpa 86400 NS cmtu.mt.ns.els-gms.att.net
authority: 148.216.in-addr.arpa 86400 NS dbru.br.ns.els-gms.att.net
authority: 148.216.in-addr.arpa 86400 NS dmtu.mt.ns.els-gms.att.net
authority: 148.216.in-addr.arpa 86400 NS cbru.br.ns.els-gms.att.net

and so on:

[tcl jobo tcl]$ dnsq ptr 195.218.148.216.in-addr.arpa cmtu.mt.ns.els-gms.att.net
12 195.218.148.216.in-addr.arpa:
154 bytes, 1+0+2+2 records, response, noerror
query: 12 195.218.148.216.in-addr.arpa
authority: 218.148.216.in-addr.arpa 86400 NS ns-west.cerf.net
authority: 218.148.216.in-addr.arpa 86400 NS ns-east.cerf.net
additional: ns-west.cerf.net 105428 A 192.153.156.3
additional: ns-east.cerf.net 120135 A 207.252.96.3

[tcl jobo tcl]$ dnsq ptr 195.218.148.216.in-addr.arpa ns-west.cerf.net
12 195.218.148.216.in-addr.arpa:
124 bytes, 1+0+2+2 records, response, noerror
query: 12 195.218.148.216.in-addr.arpa
authority: 195.218.148.216.in-addr.arpa 86400 NS ns1.redhat.com
authority: 195.218.148.216.in-addr.arpa 86400 NS ns2.redhat.com
additional: ns1.redhat.com 129443 A 66.187.233.210
additional: ns2.redhat.com 129443 A 216.148.218.250

[tcl jobo tcl]$ dnsq ptr 195.218.148.216.in-addr.arpa ns1.redhat.com
12 195.218.148.216.in-addr.arpa:
176 bytes, 1+1+3+3 records, response, authoritative, noerror
query: 12 195.218.148.216.in-addr.arpa
answer: 195.218.148.216.in-addr.arpa 86400 PTR www.redhat.com
authority: 218.148.216.in-addr.arpa 86400 NS ns1.redhat.com
authority: 218.148.216.in-addr.arpa 86400 NS ns2.redhat.com
authority: 218.148.216.in-addr.arpa 86400 NS ns3.redhat.com
additional: ns1.redhat.com 300 A 66.187.233.210
additional: ns2.redhat.com 600 A 66.77.185.41
additional: ns3.redhat.com 600 A 63.240.14.66

and i've finally found an answer:
answer: 195.218.148.216.in-addr.arpa 86400 PTR www.redhat.com

i could examine all possible paths from a root:
dnstrace ptr 195.218.148.216.in-addr.arpa b.root-servers.net | dnstracesort | less

or from all roots:
dnstrace ptr 195.218.148.216.in-addr.arpa a.root-servers.net b.root-servers.net c.root-servers.net d.root-servers.net e.root-servers.net f.root-servers.net g.root-servers.net h.root-servers.net i.root-servers.net j.root-servers.net k.root-servers.net l.root-servers.net m.root-servers.net | dnstracesort | less

but beware that those will take a long time to complete, see
http://cr.yp.to/djbdns/tools.html for details.

ALERT lines in the output of those can tell you where a server is failing
or lame or slow.

i believe the more popular program "dig" can do some of this also, if you
don't wish to obtain the superior djbdns tools (the greps are just to
remove blank lines and other extra output):

[tcl jobo tcl]$ dig @b.root-servers.net 195.218.148.216.in-addr.arpa ptr in | egrep -v '^$' | egrep -v '^\;\;'
; <<>> DiG 9.1.3 <<>> @b.root-servers.net 195.218.148.216.in-addr.arpa ptr in
;195.218.148.216.in-addr.arpa.  IN      PTR
216.in-addr.arpa.       86400   IN      NS      ARROWROOT.ARIN.NET.
216.in-addr.arpa.       86400   IN      NS      BUCHU.ARIN.NET.
216.in-addr.arpa.       86400   IN      NS      CHIA.ARIN.NET.
216.in-addr.arpa.       86400   IN      NS      DILL.ARIN.NET.
216.in-addr.arpa.       86400   IN      NS      EPAZOTE.ARIN.NET.
216.in-addr.arpa.       86400   IN      NS      FIGWORT.ARIN.NET.
216.in-addr.arpa.       86400   IN      NS      GINSENG.ARIN.NET.
216.in-addr.arpa.       86400   IN      NS      HENNA.ARIN.NET.
216.in-addr.arpa.       86400   IN      NS      INDIGO.ARIN.NET.
216.in-addr.arpa.       86400   IN      NS      JERK.ARIN.NET.

and you could again follow a path by replacing @b.root-servers.net with
one of the ns records until you got to an answer...

[tcl jobo tcl]$ dig @ns1.redhat.com 195.218.148.216.in-addr.arpa ptr in | egrep -v '^$' | egrep -v '^\;\;'
; <<>> DiG 9.1.3 <<>> @ns1.redhat.com 195.218.148.216.in-addr.arpa ptr in
;195.218.148.216.in-addr.arpa.  IN      PTR
195.218.148.216.in-addr.arpa. 86400 IN  PTR     www.redhat.com.
218.148.216.in-addr.arpa. 86400 IN      NS      ns3.redhat.com.
218.148.216.in-addr.arpa. 86400 IN      NS      ns1.redhat.com.
218.148.216.in-addr.arpa. 86400 IN      NS      ns2.redhat.com.
ns1.redhat.com.         300     IN      A       66.187.233.210
ns2.redhat.com.         600     IN      A       66.77.185.41
ns3.redhat.com.         600     IN      A       63.240.14.66

hooray:
195.218.148.216.in-addr.arpa. 86400 IN  PTR     www.redhat.com.


on a different level, you can see who arin has assigned an ip to with
whois:

[tcl jobo tcl]$ whois 216 148 218 195 whois arin net
[whois.arin.net]
TCG CERFnet (NETBLK-CERFNET-BLK-4)
   P.O. Box 919014
   San Diego, CA  92191-9014
   US

   Netname: CERFNET-BLK-4
   Netblock: 216.148.0.0 - 216.148.255.255
   Maintainer: CERF

   Coordinator:
      AT&T Enhanced Network Services  (CERF-HM-ARIN)  notify attens com
      (858) 812-5000

   Domain System inverse mapping provided by:

   DBRU.BR.NS.ELS-GMS.ATT.NET   199.191.128.106
   CBRU.BR.NS.ELS-GMS.ATT.NET   199.191.128.105
   DMTU.MT.NS.ELS-GMS.ATT.NET   12.127.16.70
   CMTU.MT.NS.ELS-GMS.ATT.NET   12.127.16.69

   ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE

   Record last updated on 09-Mar-2000.
   Database last updated on  30-Jun-2002 19:59:34 EDT.

The ARIN Registration Services Host contains ONLY Internet
Network Information: Networks, ASN's, and related POC's.
Please use the whois server at rs.internic.net for DOMAIN related
Information and whois.nic.mil for NIPRNET Information.



but that's not really directly related to the path a nameservice query
will take to resolve.

good luck.

-tcl.



On Sun, 30 Jun 2002, Chris Mason wrote:

> With regard to reverse nameservers, how do you work back up the
> delegations to find out who is responsible for the class C, B, A ?
> My reverse keeps dissapearing, but the nameserver responsible for it
> gives the right answer, making me believe it is a higher level
> nameserver that is misconfigured.
>
> Chris Mason
> masonc masonc com
> Box 340, The Valley, Anguilla, British West Indies
> Tel: 264 497 5670 Fax: 264 497 8463 Cell: 264 235 5670
> http://www.anguillaguide.com/ The Anguilla Guide
> Talk to me in real time:
> Yahoo:netconcepts_anguilla
> US Fax and Voicemail: (815)301-9759
>
>
>
>
> _______________________________________________
> Redhat-list mailing list
> Redhat-list redhat com
> https://listman.redhat.com/mailman/listinfo/redhat-list
>
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]