Date: Thu, 22 Aug 2013 11:14:04 +1000 From: Colin House <colin@restecp.com> To: Doug Hardie <bc979@lafn.org> Cc: "freebsd-questions@freebsd.org List" <freebsd-questions@freebsd.org> Subject: Re: dig Message-ID: <521565DC.7040501@restecp.com> In-Reply-To: <F6FFC04A-5942-4ED8-BF33-C683EB07C798@lafn.org> References: <F6FFC04A-5942-4ED8-BF33-C683EB07C798@lafn.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 22/08/2013 9:34 AM, Doug Hardie wrote: > There appears to be a problem with dig and the +trace option in 9.2. I believe its also in 9.1. The command: > > dig freebsd.org +trace > > Only yields a dumb response. No useful information is provided. Running the same command on FreeBSD 7.2 yields a complete trace with lots of useful information. Have you tested against another NS? I ran into a similar problem when setting up unbound as a local recursor recently on a 9.1-STABLE (r251985) box. dig +trace <domain> would return (next to) nothing. dig +trace <domain> @8.8.8.8 worked as expected. I found it was the access-control configuration of unbound. Changing my "access-control: ::1 allow" to "access-control: ::1 allow_snoop" restored the +trace functionality. I'm not sure how this translates with bind.. Perhaps the defaults have changed between the versions that you're running (if you're running the base versions on 7.2 and 9.1) or your recursive server isn't allowing it on 9.2? Fwiw, in unbound, "allow" allows recursive lookups, "allow_snoop" allows both recursive and non-recursive lookups. - Col
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?521565DC.7040501>