API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 15th, 2018
76
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.34 KB | None | 0 0
raw download clone embed print report
  1. With forward zone:
  2.  
  3.  
  4. 176 zone "vpn" {
  5. 177 type forward;
  6. 178 forward only;
  7. 179 forwarders { 44.0.0.8; };
  8. 180 };
  9.  
  10.  
  11. [root@kai ~]# systemctl restart named
  12. [root@kai ~]# dig sip.vpn
  13.  
  14. ; <<>> DiG 9.13.3 <<>> sip.vpn
  15. ;; global options: +cmd
  16. ;; Got answer:
  17. ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 1329
  18. ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
  19.  
  20. ;; OPT PSEUDOSECTION:
  21. ; EDNS: version: 0, flags:; udp: 4096
  22. ; COOKIE: a0ef2a6537d8e8733d6f96345bc511d90cebe7a1c5e3d507 (good)
  23. ;; QUESTION SECTION:
  24. ;sip.vpn. IN A
  25.  
  26. ;; Query time: 22 msec
  27. ;; SERVER: 127.0.0.1#53(127.0.0.1)
  28. ;; WHEN: Di Okt 16 00:16:57 CEST 2018
  29. ;; MSG SIZE rcvd: 64
  30.  
  31. [root@kai ~]# dig vpn NS
  32.  
  33. ; <<>> DiG 9.13.3 <<>> vpn NS
  34. ;; global options: +cmd
  35. ;; Got answer:
  36. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37163
  37. ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 2
  38.  
  39. ;; OPT PSEUDOSECTION:
  40. ; EDNS: version: 0, flags:; udp: 4096
  41. ; COOKIE: da342af47bd4365b9d8fcc0d5bc511e0bcc79e16382d9f72 (good)
  42. ;; QUESTION SECTION:
  43. ;vpn. IN NS
  44.  
  45. ;; ANSWER SECTION:
  46. vpn. 38400 IN NS nasuada.vpn.
  47.  
  48. ;; ADDITIONAL SECTION:
  49. nasuada.vpn. 38400 IN A 44.0.0.8
  50.  
  51. ;; Query time: 23 msec
  52. ;; SERVER: 127.0.0.1#53(127.0.0.1)
  53. ;; WHEN: Di Okt 16 00:17:04 CEST 2018
  54. ;; MSG SIZE rcvd: 98
  55.  
  56. [root@kai ~]# dig sip.vpn
  57.  
  58. ; <<>> DiG 9.13.3 <<>> sip.vpn
  59. ;; global options: +cmd
  60. ;; Got answer:
  61. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10431
  62. ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
  63.  
  64. ;; OPT PSEUDOSECTION:
  65. ; EDNS: version: 0, flags:; udp: 4096
  66. ; COOKIE: dce9dd303730d4b8996d71045bc511e3840f8bfa1362b060 (good)
  67. ;; QUESTION SECTION:
  68. ;sip.vpn. IN A
  69.  
  70. ;; ANSWER SECTION:
  71. sip.vpn. 38400 IN A 44.0.0.80
  72.  
  73. ;; Query time: 25 msec
  74. ;; SERVER: 127.0.0.1#53(127.0.0.1)
  75. ;; WHEN: Di Okt 16 00:17:07 CEST 2018
  76. ;; MSG SIZE rcvd: 80
  77.  
  78. [root@kai ~]#
  79.  
  80.  
  81.  
  82.  
  83.  
  84.  
  85.  
  86. With static-stub:
  87.  
  88.  
  89.  
  90. 182 zone "vpn" {
  91. 183 type static-stub;
  92. 184 //server-names { nasuada.vpn; };
  93. 185 server-addresses { 44.0.0.8; };
  94. 186 };
  95.  
  96.  
  97. [root@kai ~]# systemctl restart named
  98. [root@kai ~]# dig sip.vpn
  99.  
  100. ; <<>> DiG 9.13.3 <<>> sip.vpn
  101. ;; global options: +cmd
  102. ;; Got answer:
  103. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20155
  104. ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
  105.  
  106. ;; OPT PSEUDOSECTION:
  107. ; EDNS: version: 0, flags:; udp: 4096
  108. ; COOKIE: a139de1b9ae23867c3046a765bc512358f33bf268fd725d7 (good)
  109. ;; QUESTION SECTION:
  110. ;sip.vpn. IN A
  111.  
  112. ;; Query time: 27 msec
  113. ;; SERVER: 127.0.0.1#53(127.0.0.1)
  114. ;; WHEN: Di Okt 16 00:18:29 CEST 2018
  115. ;; MSG SIZE rcvd: 64
  116.  
  117. [root@kai ~]#
  118.  
  119.  
  120.  
  121.  
  122.  
  123.  
  124.  
  125.  
  126.  
  127. In all the SERVFAIL and NXDOMAIN cases, the server at 44.0.0.8 doesn't even seem to get a query according to tcpdump
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!