Common operational misconceptions
Daniel Griggs
daniel at fx.net.nz
Thu Feb 16 21:23:30 UTC 2012
Seems like dig doesn't always advertise a big enough buffer, I was having
the same issue as you. If you set the buffer size on the command line it
works as directed.
Daniels-Mac-mini:~ daniel$ dig edns-v4-ok.isc.org txt @149.20.64.58
;; Truncated, retrying in TCP mode.
;; Connection to 149.20.64.58#53(149.20.64.58) for
edns-v4-ok.isc.orgfailed: connection refused.
Daniels-Mac-mini:~ daniel$ dig edns-v4-ok.isc.org txt @149.20.64.58+bufsize=4096
; <<>> DiG 9.7.3-P3 <<>> edns-v4-ok.isc.org txt @149.20.64.58 +bufsize=4096
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18209
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;edns-v4-ok.isc.org. IN TXT
;; ANSWER SECTION:
edns-v4-ok.isc.org. 0 IN TXT "EDNS-4096-OK" "EDNS-4096-OK"
"EDNS-4096-OK" "EDNS-4096-OK" "EDNS-4096-OK" "EDNS-4096-OK"
<snip>
"EDNS-4"
;; Query time: 176 msec
;; SERVER: 149.20.64.58#53(149.20.64.58)
;; WHEN: Fri Feb 17 10:22:08 2012
;; MSG SIZE rcvd: 4096
On 17 February 2012 05:53, Phil Regnauld <regnauld at nsrc.org> wrote:
> Borderline dns-ops, sorry folks! - but this is interesting
> as we've been talking about ipv6 being operational, and this
> is part of it...
>
> Mark Andrews (marka) writes:
> >
> > If you are seeing TC between the resolver and the server and the TCP
> query is being answers then
> > something in the path is intercepting the DNS queries.
>
> TC is on the answer from the remote server to my resolver, so
> yeah, seems
> like something is messing with the packets.
>
> > > Don't see any v6 fragments (that'd be a problem since PF doesn't
> handle
> > > them on this host).
> >
> > You should see something like this on the wire. The second query is to
> answer
> > dig's query over TCP.
>
> I'm not seeing fragments as you are.
>
> Here's what I see:
>
> 14:40:20.955876 IP6 2001:2000:1080:d::2.64561 > 2001:4f8:0:2::8.53: 52841
> TXT? edns-v6-ok.isc.org. (36)
> 14:40:21.141948 IP6 2001:4f8:0:2::8.53 > 2001:2000:1080:d::2.64561:
> 52841*-| 0/0/0 (36)
> 14:40:21.142259 IP6 2001:2000:1080:d::2.53262 > 2001:4f8:0:2::8.53: Flags
> [S], seq 1112939462, win 65535, options [mss 1440,nop,wscale 6,sackOK,TS
> val 2571957531 ecr 0], length 0
> 14:40:21.327895 IP6 2001:4f8:0:2::8.53 > 2001:2000:1080:d::2.53262: Flags
> [R.], seq 0, ack 1112939463, win 0, length 0
>
> Cheers,
> Phil
>
>
--
Daniel Griggs
Network Operations
e: daniel at fx.net.nz
d: +64 4 4989567
More information about the NANOG
mailing list