Why do I get 2 different results for DNS recursion?
I've got a DNS server I set up and I'm confused as to whether it's allowing recursion or not (I obviously don't want it to be).
From a Mac I get the below (indicating recursion is on as I'm querying google.com which I don't own or run DNS for):
(1 server found)
global options: +cmd
Got answer:
HEADER opcode: QUERY, status: NOERROR, id: 5686
flags: qr rd ra; QUERY: 1, ANSWER: 15, AUTHORITY: 0, ADDITIONAL: 0
QUESTION SECTION:
google.com. IN A
ANSWER SECTION:
google.com. 89 IN A 66.8.14.226
google.com. 89 IN A 66.8.14.215
google.com. 89 IN A 66.8.14.219
google.com. 89 IN A 66.8.14.237
google.com. 89 IN A 66.8.14.230
google.com. 89 IN A 66.8.14.245
google.com. 89 IN A 66.8.14.251
google.com. 89 IN A 66.8.14.211
google.com. 89 IN A 66.8.14.207
google.com. 89 IN A 66.8.14.241
google.com. 89 IN A 66.8.14.234
google.com. 89 IN A 66.8.14.222
google.com. 89 IN A 66.8.14.236
google.com. 89 IN A 66.8.14.221
google.com. 89 IN A 66.8.14.249
Query time: 4 msec
SERVER: xxxx#53(xxxx)
WHEN: Mon Sep 7 18:51:52 2015
MSG SIZE rcvd: 268
From a Linux box I get (indicating NO recursion is on as I'm querying google.com which I don't own or run DNS for):
(1 server found)
global options: +cmd
Got answer:
HEADER opcode: QUERY, status: REFUSED, id: 31159
flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
WARNING: recursion requested but not available
OPT PSEUDOSECTION:
EDNS: version: 0, flags:; udp: 1680
QUESTION SECTION:
google.com. IN A
Query time: 22 msec
SERVER: xxxx#53(xxxx)
WHEN: Mon Sep 07 12:52:45 EDT 2015
MSG SIZE rcvd: 39
Any ideas why I get the 2 conflicting sets of results? One showing recursion enabled, the other saying it's not?
Comments
Paste your named.conf.options config.
Don't forget Google has a lot of servers around the world + a lot of cache servers too. You may use something else for testing. You probably didn't hit the same server.
I guess this is what is called anycast DNS.
Hi, this isn't BIND, it's a PDNS cluster.
I'm just curious as to why I get 2x different results from 2x different OS's.
EDIT: make that 3 different OS's. Linux / Windows refuse query for a domain that my server doesn't serve. Whilst OSX provides an answer on a domain I don't serve. I suspect OSX queries a second server to get this result. Any ideas?
@jeromeza - What is the dig command you are running on the Mac?
@Tacservers - the same that I'm running on the rest:
dig @dnsserverhere google.com
From Google DNS
and from Level3 DNS
The 24.200.247.xxx are caching servers at the ISP.
I suspect (from speculation and an extremely small set of data) that OSx's build of bind uses the internal recursor rather than the DNS server itself.
Do the IPs in the "SERVER:" lines match? If yes then I don't know what's going on. But if they don't then you may be hitting a different server in your PDNS cluster. One that has recursion turned on.
@jeromeza - I see an 18MS difference, are these on the same network? Possibly @Rallias is correct, without being able to test on my Mac at the moment. 4MS is really fast for a recursive DNS response, that isn't locally cached.
Mac:
Linux: