Подскажите, пожалуйста, почему так происходит, часть имён разрешается
а часть нет? Сервер DNS - ns1 расположен в локальной сети, этот же сервер
виден из интернета, то есть для него доступ в интернет есть, делать дальше
запросы в интернет он может.Вот например yandex.ru разрешается:
[root@ns1] > dig @127.0.0.1 yandex.ru
; <<>> DiG 9.3.6-P1 <<>> @127.0.0.1 yandex.ru
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55896
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 4, ADDITIONAL: 5;; QUESTION SECTION:
;yandex.ru. IN A;; ANSWER SECTION:
yandex.ru. 8991 IN A 93.158.134.11
yandex.ru. 8991 IN A 213.180.204.11
yandex.ru. 8991 IN A 213.180.204.211
yandex.ru. 8991 IN A 77.88.21.11
yandex.ru. 8991 IN A 87.250.250.11
yandex.ru. 8991 IN A 87.250.251.11;; AUTHORITY SECTION:
yandex.ru. 92884 IN NS ns2.yandex.ru.
yandex.ru. 92884 IN NS ns4.yandex.ru.
yandex.ru. 92884 IN NS ns5.yandex.ru.
yandex.ru. 92884 IN NS ns1.yandex.ru.;; ADDITIONAL SECTION:
ns1.yandex.ru. 97484 IN A 213.180.193.1
ns1.yandex.ru. 2591 IN AAAA 2a02:6b8::1
ns2.yandex.ru. 179802 IN A 213.180.199.34
ns4.yandex.ru. 179802 IN A 77.88.19.60
ns5.yandex.ru. 173196 IN A 213.180.204.1;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Apr 29 09:51:51 2011
;; MSG SIZE rcvd: 287И mail.ru разрешается:
[root@ns1] > dig @127.0.0.1 mail.ru
; <<>> DiG 9.3.6-P1 <<>> @127.0.0.1 mail.ru
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23169
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 6, ADDITIONAL: 6;; QUESTION SECTION:
;mail.ru. IN A;; ANSWER SECTION:
mail.ru. 60 IN A 94.100.191.203
mail.ru. 60 IN A 94.100.191.204
mail.ru. 60 IN A 94.100.191.201
mail.ru. 60 IN A 94.100.191.202;; AUTHORITY SECTION:
mail.ru. 553 IN NS ns2.mail.ru.
mail.ru. 553 IN NS ns3.mail.ru.
mail.ru. 553 IN NS ns4.mail.ru.
mail.ru. 553 IN NS ns5.mail.ru.
mail.ru. 553 IN NS ns.mail.ru.
mail.ru. 553 IN NS ns1.mail.ru.;; ADDITIONAL SECTION:
ns.mail.ru. 19 IN A 217.69.129.230
ns1.mail.ru. 343 IN A 94.100.179.159
ns2.mail.ru. 343 IN A 94.100.186.189
ns3.mail.ru. 19 IN A 94.100.179.93
ns4.mail.ru. 343 IN A 217.69.129.184
ns5.mail.ru. 343 IN A 217.69.129.241;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Apr 29 09:51:54 2011
;; MSG SIZE rcvd: 292а davs.ru не разрешается:
[root@ns1] > dig @127.0.0.1 davs.ru
; <<>> DiG 9.3.6-P1 <<>> @127.0.0.1 davs.ru
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reachedГде настраивать, и как проверить где запрос затыкается?
Заранее благодарен. Борис.
1) Утилита dnstracer
2) если настроены форвардеры - то проблему искать у них
3) tcpdump - диагностика любых болезней
> 1) Утилита dnstracer
> 2) если настроены форвардеры - то проблему искать у них
> 3) tcpdump - диагностика любых болезнейВот я dig в режиме трассировки запустил:
[root@ns1] > dig @127.0.0.1 +trace davs.ru
; <<>> DiG 9.3.6-P1 <<>> @127.0.0.1 +trace davs.ru
; (1 server found)
;; global options: printcmd
. 433346 IN NS f.root-servers.net.
. 433346 IN NS g.root-servers.net.
. 433346 IN NS h.root-servers.net.
. 433346 IN NS i.root-servers.net.
. 433346 IN NS j.root-servers.net.
. 433346 IN NS k.root-servers.net.
. 433346 IN NS l.root-servers.net.
. 433346 IN NS m.root-servers.net.
. 433346 IN NS a.root-servers.net.
. 433346 IN NS b.root-servers.net.
. 433346 IN NS c.root-servers.net.
. 433346 IN NS d.root-servers.net.
. 433346 IN NS e.root-servers.net.
;; Received 512 bytes from 127.0.0.1#53(127.0.0.1) in 0 msru. 172800 IN NS ns.ripn.net.
ru. 172800 IN NS ns5.msk-ix.net.
ru. 172800 IN NS e.dns.ripn.net.
ru. 172800 IN NS f.dns.ripn.net.
ru. 172800 IN NS ns2.nic.fr.
ru. 172800 IN NS ns9.ripn.net.
;; Received 417 bytes from 192.112.36.4#53(g.root-servers.net) in 332 ms;; connection timed out; no servers could be reached
[root@ns1] >похоже что named.root может устарел?
Его надо просто заменить или заменить и сделать rndc reload?
Заранее благодарен. Борис.
>> 1) Утилита dnstracer
>> 2) если настроены форвардеры - то проблему искать у них
>> 3) tcpdump - диагностика любых болезней
> Вот я dig в режиме трассировки запустил:Где в пунктах 1-3 вы увидели dig ? :)
Приведите конфиг днс-сервера.
> Приведите конфиг днс-сервера.[root@antares] > cat /etc/namedb/named.conf
// $FreeBSD: src/etc/namedb/named.conf,v 1.21.2.1 2005/09/10 08:27:27 dougb Exp $
//
// Refer to the named.conf(5) and named(8) man pages, and the documentation
// in /usr/share/doc/bind9 for more details.
# ---------
# RCS Header
# $Id: named.conf,v 1.2 2009/04/24 10:18:50 root Exp root $
# $Log: named.conf,v $
# Revision 1.2 2009/04/24 10:18:50 root
# stable config
#
# Revision 1.1 2009/03/26 08:55:32 root
# Initial revision
#
# ----------
acl rec_hosts {
localhost;
62.105.140.192/27; 195.16.60.240/28;
217.22.162.192/29; 80.237.82.136/29;
212.30.182.96/32; 192.168.1.0/24;
10.0.0.0/8;
};acl transfer_hosts {
localhost;
62.105.140.192/27; 195.16.60.240/28; 217.22.162.192/29;
194.85.128.10; 194.85.128.28;
194.85.129.80; 213.234.194.138;
194.67.2.109; 194.67.7.1; 212.118.45.74;
81.211.9.94; 195.230.111.32/27;
10.0.0.0/8;
};# Start of rndc.conf
key "rndc-key" {
algorithm hmac-md5;
secret "7979I9mTmifwrPA4yz/D9w==";
};controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
logging {
channel my_debug {
file "/var/log/named/debug" versions 3 size 1m;
severity debug ;
print-time yes;
print-category yes;
print-severity yes;
};category default { my_debug; };
category general { my_debug; default_syslog;};
category database {my_debug;};
category security { my_debug; };
category config {my_debug;};
category resolver { my_debug;};
category xfer-in {my_debug;};
category xfer-out { my_debug;};
category notify { my_debug;};
category client { my_debug;};
category unmatched { my_debug;};
category network { my_debug;};
category update { my_debug;};
category queries { my_debug;};
category dispatch { my_debug;};
category dnssec { my_debug;};
category lame-servers {my_debug;};
//category delegation-only { my_debug;};
};options {
allow-transfer { transfer_hosts; };
directory "/etc/namedb";
pid-file "/var/run/named/pid";
dump-file "/var/dump/named_dump.db";
statistics-file "/var/stats/named.stats";// If named is being used only as a local resolver, this is a safe default.
// For named to be accessible to the network, comment this option, specify
// the proper IP address, or delete this option.
// listen-on { 127.0.0.1; };// If you have IPv6 enabled on this system, uncomment this option for
// use as a local resolver. To give access to the network, specify
// an IPv6 address, or the keyword "any".
// listen-on-v6 { ::1; };// In addition to the "forwarders" clause, you can force your name
// server to never initiate queries of its own, but always ask its
// forwarders only, by enabling the following line:
//
// forward only;// If you've got a DNS server around at your upstream provider, enter
// its IP address here, and enable the line below. This will make you
// benefit from its cache, thus reduce overall DNS traffic in the Internet.
/*
forwarders {
127.0.0.1;
};
*/
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND versions 8 and later
* use a pseudo-random unprivileged UDP port by default.
*/
// query-source address * port 53;
//query-source address 10.1.10.26 port 53;
query-source address 10.1.10.55 port 53;
//transfer-source 10.1.10.25 port *;
transfer-source 10.1.10.55 port *;
};// If you enable a local name server, don't forget to enter 127.0.0.1
// first in your /etc/resolv.conf so this server will be queried.
// Also, make sure to enable it in /etc/rc.conf.view audi {
match-clients { 192.168.99.0/24; };
recursion yes;
zone "." IN { type hint; file "named.root"; };
zone "localhost" IN { type master; file "localhost.zone"; };
zone "0.0.127.in-addr.arpa" IN { type master; file "localhost.rev"; };
zone "vbrr.ru" { type master; file "vbrr.ru"; };
};view int {
match-clients { 127.0.0.1; 10.0.0.0/8; 192.168.0.0/16; };
// forwarders { 194.85.128.10; };
// forwarders { 212.44.130.6; };
// query-source address 10.1.10.25 port *;
recursion yes;
zone "." IN { type hint; file "named.root"; };
zone "localhost" IN { type master; file "localhost.zone"; };
zone "0.0.127.in-addr.arpa" IN { type master; file "localhost.rev"; };zone "vbrr.ru" { type master; file "vbrr.ru.int"; };
zone "vbrr.su" { type master; file "vbrr.su.int"; };
zone "rrfc.ru" { type master; file "rrfc.ru"; };
zone "rrfk.ru" { type master; file "rrfk.ru"; };
zone "invtex.ru" { type master; file "invtex.ru.int"; };
zone "portfinvest.ru" { type master; file "portfinvest.ru.int"; };
zone "agorapif.ru" { type slave; file "slave/agorapif.ru"; masters { 81.211.9.94; }; };
zone "pifagora.ru" { type slave; file "slave/pifagora.ru"; masters { 81.211.9.94; }; };
zone "isbroker.ru" { type slave; file "slave/isbroker.ru"; masters { 81.211.9.94; }; };
zone "140.105.62.in-addr.arpa" { type master; file "62.105.140.192"; };
zone "162.22.217.in-addr.arpa" { type master; file "217.22.162.192"; };
zone "111.230.195.in-addr.arpa" { type master; file "195.230.111.0"; };
zone "rrdb.net" { type forward; forwarders {10.1.10.34;}; };
zone "vbrr.loc" { type forward; forwarders {10.1.2.64;}; };
zone "rrdbank.lan" IN { type slave; masters {10.2.1.100;}; file "slave/rrdbank.lan"; };
zone "vbrr.lan" IN {type slave; masters {10.2.1.100;}; file "slave/vbrr.lan"; };
zone "cocon.lan" IN {type slave; masters {10.2.1.100;}; file "slave/cocon.lan"; };
zone "spb.lan" IN { type slave; masters { 10.3.1.33; }; file "slave/spb.lan"; };zone "8.1.10.in-addr.arpa" in { type slave; masters {10.2.1.100;}; file "slave/10.1.8.0.rev"; };
zone "168.192.in-addr.arpa" in { type slave; masters {10.2.1.100;}; file "slave/192.168.0.0.rev"; };
zone "1.1.10.in-addr.arpa" in { type forward; forwarders {10.1.2.64;}; };
zone "2.1.10.in-addr.arpa" in { type forward; forwarders {10.1.2.64;}; };
zone "10.1.10.in-addr.arpa" in { type forward; forwarders {10.1.2.64;}; };
zone "100.1.10.in-addr.arpa" in { type forward; forwarders {10.1.2.64;}; };
zone "101.1.10.in-addr.arpa" in { type forward; forwarders {10.1.2.64;}; };
zone "102.1.10.in-addr.arpa" in { type forward; forwarders {10.1.2.64;}; };
zone "103.1.10.in-addr.arpa" in { type forward; forwarders {10.1.2.64;}; };
zone "1.2.10.in-addr.arpa" in { type forward; forwarders {10.1.2.64;}; };
zone "2.2.10.in-addr.arpa" in { type forward; forwarders {10.1.2.64;}; };
zone "3.2.10.in-addr.arpa" in { type forward; forwarders {10.1.2.64;}; };
zone "4.2.10.in-addr.arpa" in { type forward; forwarders {10.1.2.64;}; };
// zone "3.10.in-addr.arpa" in { type forward; forwarders {10.1.2.64;}; };
// zone "1.10.in-addr.arpa" in { type slave; masters {10.2.1.100;}; file "slave/10.1.0.0.rev"; };
// zone "2.10.in-addr.arpa" in { type slave; masters {10.2.1.100;}; file "slave/10.2.0.0.rev"; };
// zone "10.1.10.in-addr.arpa" in { type slave; masters {10.2.1.100;}; file "slave/10.1.10.0.rev"; };
zone "msk.rn.ru" in { type forward; forwarders { 127.0.0.1 port 1053; }; };
};view ext {
match-clients { any; };
// allow-recursion { rec_hosts; };
recursion yes;
zone "." IN { type hint; file "named.root"; };
zone "localhost" IN { type master; file "localhost.zone"; };
zone "0.0.127.in-addr.arpa" IN { type master; file "localhost.rev"; };
zone "vbrr.ru" { type master; file "vbrr.ru"; };
zone "vbrr.su" { type master; file "vbrr.su"; };
zone "rrfc.ru" { type master; file "rrfc.ru"; };
zone "rrfk.ru" { type master; file "rrfk.ru"; };
zone "invtex.ru" { type master; file "invtex.ru"; };
zone "portfinvest.ru" { type master; file "portfinvest.ru"; };
zone "agorapif.ru" { type slave; file "slave/agorapif.ru"; masters { 81.211.9.94; }; };
zone "pifagora.ru" { type slave; file "slave/pifagora.ru"; masters { 81.211.9.94; }; };
zone "isbroker.ru" { type slave; file "slave/isbroker.ru"; masters { 81.211.9.94; }; };
zone "ukpi.ru" { type slave; file "slave/isbroker.ru"; masters { 81.211.9.94; }; };
zone "140.105.62.in-addr.arpa" { type master; file "62.105.140.192"; };
zone "0.162.22.217.in-addr.arpa" { type master; file "217.22.162.192"; };
zone "111.230.195.in-addr.arpa" { type master; file "195.230.111.0"; };
};
[root@antares] >
> а davs.ru не разрешается:-
> [root@ns1] > dig @127.0.0.1 davs.ru-
> ; <<>> DiG 9.3.6-P1 <<>> @127.0.0.1 davs.ru
> ; (1 server found)
> ;; global options: printcmd
> ;; connection timed out; no servers could be reached-
> Где настраивать, и как проверить где запрос затыкается?Помоему tcpdump -i lo должен бы работать.
Повторные запросы пытались делать, на то же доменное имя ??
Что в логах ? В т ч dmesg ?iptables ? iptables -I INPUT -i lo -j ACCEPT гденть в верху списка правил присутствует ?
Установил из портов dnstracer, вот что выдаёт:[root@ns1] > dnstracer -o yandex.ru
Tracing to yandex.ru[a] via 127.0.0.1, maximum of 3 retries
127.0.0.1 (127.0.0.1) Got answer
|\___ ns1.yandex.ru [yandex.ru] (2a02:06b8:0000:0000:0000:0000:0000:0001) Not queried
|\___ ns1.yandex.ru [yandex.ru] (213.180.193.1) Got authoritative answer
|\___ ns5.yandex.ru [yandex.ru] (213.180.204.1) Got authoritative answer
|\___ ns4.yandex.ru [yandex.ru] (77.88.19.60) Got authoritative answer
\___ ns2.yandex.ru [yandex.ru] (213.180.199.34) Got authoritative answerns2.yandex.ru (213.180.199.34) yandex.ru -> 87.250.251.11
ns2.yandex.ru (213.180.199.34) yandex.ru -> 93.158.134.11
ns2.yandex.ru (213.180.199.34) yandex.ru -> 213.180.204.11
ns2.yandex.ru (213.180.199.34) yandex.ru -> 213.180.204.211
ns2.yandex.ru (213.180.199.34) yandex.ru -> 77.88.21.11
ns2.yandex.ru (213.180.199.34) yandex.ru -> 87.250.250.11
ns4.yandex.ru (77.88.19.60) yandex.ru -> 93.158.134.11
ns4.yandex.ru (77.88.19.60) yandex.ru -> 213.180.204.11
ns4.yandex.ru (77.88.19.60) yandex.ru -> 213.180.204.211
ns4.yandex.ru (77.88.19.60) yandex.ru -> 77.88.21.11
ns4.yandex.ru (77.88.19.60) yandex.ru -> 87.250.250.11
ns4.yandex.ru (77.88.19.60) yandex.ru -> 87.250.251.11
ns5.yandex.ru (213.180.204.1) yandex.ru -> 77.88.21.11
ns5.yandex.ru (213.180.204.1) yandex.ru -> 87.250.250.11
ns5.yandex.ru (213.180.204.1) yandex.ru -> 87.250.251.11
ns5.yandex.ru (213.180.204.1) yandex.ru -> 93.158.134.11
ns5.yandex.ru (213.180.204.1) yandex.ru -> 213.180.204.11
ns5.yandex.ru (213.180.204.1) yandex.ru -> 213.180.204.211
ns1.yandex.ru (213.180.193.1) yandex.ru -> 77.88.21.11
ns1.yandex.ru (213.180.193.1) yandex.ru -> 87.250.250.11
ns1.yandex.ru (213.180.193.1) yandex.ru -> 87.250.251.11
ns1.yandex.ru (213.180.193.1) yandex.ru -> 93.158.134.11
ns1.yandex.ru (213.180.193.1) yandex.ru -> 213.180.204.11
ns1.yandex.ru (213.180.193.1) yandex.ru -> 213.180.204.211
127.0.0.1 (127.0.0.1) yandex.ru -> 213.180.204.211
127.0.0.1 (127.0.0.1) yandex.ru -> 77.88.21.11
127.0.0.1 (127.0.0.1) yandex.ru -> 87.250.250.11
127.0.0.1 (127.0.0.1) yandex.ru -> 87.250.251.11
127.0.0.1 (127.0.0.1) yandex.ru -> 93.158.134.11
127.0.0.1 (127.0.0.1) yandex.ru -> 213.180.204.11[root@ns1] > dnstracer -o davs.ru
Tracing to davs.ru[a] via 127.0.0.1, maximum of 3 retries
127.0.0.1 (127.0.0.1)
|\___ ns2.davs.ru [davs.ru] (No IP address)
\___ ns.davs.ru [davs.ru] (No IP address)[root@ns1] >
dnstracer -4os . yandex.ru
А лучше - проблемный хост.
И ответы на другие вопросы.
> dnstracer -4os . yandex.ru
> А лучше - проблемный хост.
> И ответы на другие вопросы.[root@ns1] > dnstracer -4os . yandex.ru
Option -4 ignored
Tracing to yandex.ru[a] via A.ROOT-SERVERS.NET, maximum of 3 retries
A.ROOT-SERVERS.NET [.] (198.41.0.4)
|\___ ns9.ripn.net [ru] (194.85.252.62)
| |\___ ns2.yandex.ru [yandex.ru] (213.180.199.34) Got authoritative answer
| |\___ ns4.yandex.ru [yandex.ru] (77.88.19.60) Got authoritative answer
| |\___ ns5.yandex.ru [yandex.ru] (213.180.204.1) Got authoritative answer
| \___ ns1.yandex.ru [yandex.ru] (213.180.193.1) Got authoritative answer
|\___ ns9.ripn.net [ru] (2001:0678:0016:0000:0194:0085:0252:0062) Not queried
|\___ ns.ripn.net [ru] (194.85.105.17)
| |\___ ns1.yandex.ru [yandex.ru] (213.180.193.1) (cached)
| |\___ ns4.yandex.ru [yandex.ru] (77.88.19.60) (cached)
| |\___ ns5.yandex.ru [yandex.ru] (213.180.204.1) (cached)
| \___ ns2.yandex.ru [yandex.ru] (213.180.199.34) (cached)
|\___ ns.ripn.net [ru] (2001:0678:0013:0000:0194:0085:0105:0017) Not queried
|\___ f.dns.ripn.net [ru] (193.232.156.17)
| |\___ ns5.yandex.ru [yandex.ru] (213.180.204.1) (cached)
| |\___ ns4.yandex.ru [yandex.ru] (77.88.19.60) (cached)
| |\___ ns1.yandex.ru [yandex.ru] (213.180.193.1) (cached)
| \___ ns2.yandex.ru [yandex.ru] (213.180.199.34) (cached)
|\___ f.dns.ripn.net [ru] (2001:0678:0014:0000:0193:0232:0156:0017) Not queried
|\___ e.dns.ripn.net [ru] (193.232.142.17)
| |\___ ns4.yandex.ru [yandex.ru] (77.88.19.60) (cached)
| |\___ ns5.yandex.ru [yandex.ru] (213.180.204.1) (cached)
| |\___ ns2.yandex.ru [yandex.ru] (213.180.199.34) (cached)
| \___ ns1.yandex.ru [yandex.ru] (213.180.193.1) (cached)
|\___ e.dns.ripn.net [ru] (2001:0678:0015:0000:0193:0232:0142:0017) Not queried
|\___ ns5.msk-ix.net [ru] (193.232.128.6)
| |\___ ns2.yandex.ru [yandex.ru] (213.180.199.34) (cached)
| |\___ ns4.yandex.ru [yandex.ru] (77.88.19.60) (cached)
| |\___ ns1.yandex.ru [yandex.ru] (213.180.193.1) (cached)
| \___ ns5.yandex.ru [yandex.ru] (213.180.204.1) (cached)
|\___ ns5.msk-ix.net [ru] (2001:0678:0017:0000:0193:0232:0128:0006) Not queried
|\___ ns2.nic.fr [ru] (192.93.0.4)
| |\___ ns5.yandex.ru [yandex.ru] (213.180.204.1) (cached)
| |\___ ns4.yandex.ru [yandex.ru] (77.88.19.60) (cached)
| |\___ ns2.yandex.ru [yandex.ru] (213.180.199.34) (cached)
| \___ ns1.yandex.ru [yandex.ru] (213.180.193.1) (cached)
\___ ns2.nic.fr [ru] (2001:0660:3005:0001:0000:0000:0001:0002) Not queriedns1.yandex.ru (213.180.193.1) yandex.ru -> 77.88.21.11
ns1.yandex.ru (213.180.193.1) yandex.ru -> 87.250.250.11
ns1.yandex.ru (213.180.193.1) yandex.ru -> 87.250.251.11
ns1.yandex.ru (213.180.193.1) yandex.ru -> 93.158.134.11
ns1.yandex.ru (213.180.193.1) yandex.ru -> 213.180.204.11
ns1.yandex.ru (213.180.193.1) yandex.ru -> 213.180.204.211
ns5.yandex.ru (213.180.204.1) yandex.ru -> 77.88.21.11
ns5.yandex.ru (213.180.204.1) yandex.ru -> 87.250.250.11
ns5.yandex.ru (213.180.204.1) yandex.ru -> 87.250.251.11
ns5.yandex.ru (213.180.204.1) yandex.ru -> 93.158.134.11
ns5.yandex.ru (213.180.204.1) yandex.ru -> 213.180.204.11
ns5.yandex.ru (213.180.204.1) yandex.ru -> 213.180.204.211
ns4.yandex.ru (77.88.19.60) yandex.ru -> 213.180.204.211
ns4.yandex.ru (77.88.19.60) yandex.ru -> 77.88.21.11
ns4.yandex.ru (77.88.19.60) yandex.ru -> 87.250.250.11
ns4.yandex.ru (77.88.19.60) yandex.ru -> 87.250.251.11
ns4.yandex.ru (77.88.19.60) yandex.ru -> 93.158.134.11
ns4.yandex.ru (77.88.19.60) yandex.ru -> 213.180.204.11
ns2.yandex.ru (213.180.199.34) yandex.ru -> 213.180.204.211
ns2.yandex.ru (213.180.199.34) yandex.ru -> 77.88.21.11
ns2.yandex.ru (213.180.199.34) yandex.ru -> 87.250.250.11
ns2.yandex.ru (213.180.199.34) yandex.ru -> 87.250.251.11
ns2.yandex.ru (213.180.199.34) yandex.ru -> 93.158.134.11
ns2.yandex.ru (213.180.199.34) yandex.ru -> 213.180.204.11
[root@ns1] >
[root@ns1] > dnstracer -4os . davs.ru
Option -4 ignored
Tracing to davs.ru[a] via A.ROOT-SERVERS.NET, maximum of 3 retries
A.ROOT-SERVERS.NET [.] (198.41.0.4)
|\___ ns9.ripn.net [ru] (194.85.252.62)
| |\___ ns2.davs.ru [davs.ru] (89.175.20.200) * * *
| \___ ns.davs.ru [davs.ru] (195.210.147.19) Got authoritative answer
|\___ ns9.ripn.net [ru] (2001:0678:0016:0000:0194:0085:0252:0062) Not queried
|\___ ns.ripn.net [ru] (194.85.105.17)
| |\___ ns.davs.ru [davs.ru] (195.210.147.19) (cached)
| \___ ns2.davs.ru [davs.ru] (89.175.20.200) * * *
|\___ ns.ripn.net [ru] (2001:0678:0013:0000:0194:0085:0105:0017) Not queried
|\___ f.dns.ripn.net [ru] (193.232.156.17)
| |\___ ns.davs.ru [davs.ru] (195.210.147.19) (cached)
| \___ ns2.davs.ru [davs.ru] (89.175.20.200) * * *
|\___ f.dns.ripn.net [ru] (2001:0678:0014:0000:0193:0232:0156:0017) Not queried
|\___ e.dns.ripn.net [ru] (193.232.142.17)
| |\___ ns.davs.ru [davs.ru] (195.210.147.19) (cached)
| \___ ns2.davs.ru [davs.ru] (89.175.20.200) * * *
|\___ e.dns.ripn.net [ru] (2001:0678:0015:0000:0193:0232:0142:0017) Not queried
|\___ ns5.msk-ix.net [ru] (193.232.128.6)
| |\___ ns.davs.ru [davs.ru] (195.210.147.19) (cached)
| \___ ns2.davs.ru [davs.ru] (89.175.20.200) * * *
|\___ ns5.msk-ix.net [ru] (2001:0678:0017:0000:0193:0232:0128:0006) Not queried
|\___ ns2.nic.fr [ru] (192.93.0.4)
| |\___ ns2.davs.ru [davs.ru] (89.175.20.200) * * *
| \___ ns.davs.ru [davs.ru] (195.210.147.19) (cached)
\___ ns2.nic.fr [ru] (2001:0660:3005:0001:0000:0000:0001:0002) Not queriedns.davs.ru (195.210.147.19) davs.ru -> 89.108.122.127
[root@ns1] >
А теперь ip ru sh + ip ro sh table main + ip ro sh table default + все таблицы которые есть в выводе ip ru sh.
Обратите внимание на
query-source address 10.1.10.55 port 53;