[conspire] Unbound and DHCP on home computer

Rick Moen rick at linuxmafia.com
Tue Dec 15 14:07:03 PST 2009 

Quoting Roger Chrisman (roger at rogerchrisman.com):

> Rick Moen <rick at linuxmafia.com> wrote:
> > If you want a real education, by the way, append "+trace" to your
> > invocations of the 'dig' utility.
> 
> 
> Hm, this is brief, does it look right?:
> 
> roger at a:~$ dig example.com +trace
> 
> ; <<>> DiG 9.6.1-P2 <<>> example.com +trace
> ;; global options: +cmd
> ;; Received 12 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms
> 
> roger at a:~$
> 
> Did I miss something?

Choice of domain, for one.  ;->

"example.com" is one of a small number of domains that are reserved by
the IETF/IANA for diagnostic purposes, unavailable for registration.  Also, 
and more important, I gather that you have somehow set up "example.com" 
as a locally-resolved domain.

Here is an example, showing the chain of delegation, on a nameserver
(mine) where example.com is _not_ defined as strictly local:

$ dig example.com @127.0.0.1 +trace
.                       134481  IN      NS      C.ROOT-SERVERS.NET.
.                       134481  IN      NS      L.ROOT-SERVERS.NET.
.                       134481  IN      NS      B.ROOT-SERVERS.NET.
.                       134481  IN      NS      M.ROOT-SERVERS.NET.
.                       134481  IN      NS      K.ROOT-SERVERS.NET.
.                       134481  IN      NS      I.ROOT-SERVERS.NET.
.                       134481  IN      NS      J.ROOT-SERVERS.NET.
.                       134481  IN      NS      G.ROOT-SERVERS.NET.
.                       134481  IN      NS      H.ROOT-SERVERS.NET.
.                       134481  IN      NS      D.ROOT-SERVERS.NET.
.                       134481  IN      NS      A.ROOT-SERVERS.NET.
.                       134481  IN      NS      F.ROOT-SERVERS.NET.
.                       134481  IN      NS      E.ROOT-SERVERS.NET.
;; Received 300 bytes from 127.0.0.1#53(127.0.0.1) in 2 ms

com.                    172800  IN      NS      M.GTLD-SERVERS.NET.
com.                    172800  IN      NS      H.GTLD-SERVERS.NET.
com.                    172800  IN      NS      D.GTLD-SERVERS.NET.
com.                    172800  IN      NS      J.GTLD-SERVERS.NET.
com.                    172800  IN      NS      E.GTLD-SERVERS.NET.
com.                    172800  IN      NS      C.GTLD-SERVERS.NET.
com.                    172800  IN      NS      L.GTLD-SERVERS.NET.
com.                    172800  IN      NS      A.GTLD-SERVERS.NET.
com.                    172800  IN      NS      I.GTLD-SERVERS.NET.
com.                    172800  IN      NS      G.GTLD-SERVERS.NET.
com.                    172800  IN      NS      F.GTLD-SERVERS.NET.
com.                    172800  IN      NS      K.GTLD-SERVERS.NET.
com.                    172800  IN      NS      B.GTLD-SERVERS.NET.
;; Received 501 bytes from 192.203.230.10#53(E.ROOT-SERVERS.NET) in 117 ms

example.com.            172800  IN      NS      a.iana-servers.net.
example.com.            172800  IN      NS      b.iana-servers.net.
;; Received 109 bytes from 192.54.112.30#53(H.GTLD-SERVERS.NET) in 225 ms

example.com.            172800  IN      A       192.0.32.10
example.com.            172800  IN      NS      b.iana-servers.net.
example.com.            172800  IN      NS      a.iana-servers.net.
;; Received 125 bytes from 193.0.0.236#53(b.iana-servers.net) in 220 ms 
$


Here's a fairly typical example using BBC's primary domain:

$ dig bbc.co.uk @127.0.0.1 +trace
.                       134338  IN      NS      G.ROOT-SERVERS.NET.
.                       134338  IN      NS      B.ROOT-SERVERS.NET.
.                       134338  IN      NS      A.ROOT-SERVERS.NET.
.                       134338  IN      NS      F.ROOT-SERVERS.NET.
.                       134338  IN      NS      H.ROOT-SERVERS.NET.
.                       134338  IN      NS      J.ROOT-SERVERS.NET.
.                       134338  IN      NS      D.ROOT-SERVERS.NET.
.                       134338  IN      NS      M.ROOT-SERVERS.NET.
.                       134338  IN      NS      C.ROOT-SERVERS.NET.
.                       134338  IN      NS      K.ROOT-SERVERS.NET.
.                       134338  IN      NS      E.ROOT-SERVERS.NET.
.                       134338  IN      NS      I.ROOT-SERVERS.NET.
.                       134338  IN      NS      L.ROOT-SERVERS.NET.
;; Received 300 bytes from 127.0.0.1#53(127.0.0.1) in 2 ms

uk.                     172800  IN      NS      NS7.NIC.uk.
uk.                     172800  IN      NS      NS4.NIC.uk.
uk.                     172800  IN      NS      NSA.NIC.uk.
uk.                     172800  IN      NS      NS3.NIC.uk.
uk.                     172800  IN      NS      NSB.NIC.uk.
uk.                     172800  IN      NS      NS1.NIC.uk.
uk.                     172800  IN      NS      NSD.NIC.uk.
uk.                     172800  IN      NS      NS2.NIC.uk.
uk.                     172800  IN      NS      NS5.NIC.uk.
uk.                     172800  IN      NS      NSC.NIC.uk.
uk.                     172800  IN      NS      NS6.NIC.uk.
;; Received 489 bytes from 192.112.36.4#53(G.ROOT-SERVERS.NET) in 241 ms

bbc.co.uk.              172800  IN      NS      ns1.thls.bbc.co.uk.
bbc.co.uk.              172800  IN      NS      ns1.rbsov.bbc.co.uk.
bbc.co.uk.              172800  IN      NS      ns1.bbc.co.uk.
bbc.co.uk.              172800  IN      NS      ns1.thdo.bbc.co.uk.
;; Received 179 bytes from 213.219.13.131#53(NS3.NIC.uk) in 219 ms

bbc.co.uk.              300     IN      A       212.58.224.138
bbc.co.uk.              900     IN      NS      ns1.rbsov.bbc.co.uk.
bbc.co.uk.              900     IN      NS      ns1.thls.bbc.co.uk.
bbc.co.uk.              900     IN      NS      ns1.bbc.co.uk.
bbc.co.uk.              900     IN      NS      ns1.thdo.bbc.co.uk.
;; Received 195 bytes from 132.185.132.21#53(ns1.bbc.co.uk) in 217 ms
$


It's useful to include the "@[nameserver]" parametre on "dig" 
invocations, so that you're sure where the query goes.

More information about the conspire mailing list