Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- With forward zone:
- 176 zone "vpn" {
- 177 type forward;
- 178 forward only;
- 179 forwarders { 44.0.0.8; };
- 180 };
- [root@kai ~]# systemctl restart named
- [root@kai ~]# dig sip.vpn
- ; <<>> DiG 9.13.3 <<>> sip.vpn
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 1329
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ; COOKIE: a0ef2a6537d8e8733d6f96345bc511d90cebe7a1c5e3d507 (good)
- ;; QUESTION SECTION:
- ;sip.vpn. IN A
- ;; Query time: 22 msec
- ;; SERVER: 127.0.0.1#53(127.0.0.1)
- ;; WHEN: Di Okt 16 00:16:57 CEST 2018
- ;; MSG SIZE rcvd: 64
- [root@kai ~]# dig vpn NS
- ; <<>> DiG 9.13.3 <<>> vpn NS
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37163
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 2
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ; COOKIE: da342af47bd4365b9d8fcc0d5bc511e0bcc79e16382d9f72 (good)
- ;; QUESTION SECTION:
- ;vpn. IN NS
- ;; ANSWER SECTION:
- vpn. 38400 IN NS nasuada.vpn.
- ;; ADDITIONAL SECTION:
- nasuada.vpn. 38400 IN A 44.0.0.8
- ;; Query time: 23 msec
- ;; SERVER: 127.0.0.1#53(127.0.0.1)
- ;; WHEN: Di Okt 16 00:17:04 CEST 2018
- ;; MSG SIZE rcvd: 98
- [root@kai ~]# dig sip.vpn
- ; <<>> DiG 9.13.3 <<>> sip.vpn
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10431
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ; COOKIE: dce9dd303730d4b8996d71045bc511e3840f8bfa1362b060 (good)
- ;; QUESTION SECTION:
- ;sip.vpn. IN A
- ;; ANSWER SECTION:
- sip.vpn. 38400 IN A 44.0.0.80
- ;; Query time: 25 msec
- ;; SERVER: 127.0.0.1#53(127.0.0.1)
- ;; WHEN: Di Okt 16 00:17:07 CEST 2018
- ;; MSG SIZE rcvd: 80
- [root@kai ~]#
- With static-stub:
- 182 zone "vpn" {
- 183 type static-stub;
- 184 //server-names { nasuada.vpn; };
- 185 server-addresses { 44.0.0.8; };
- 186 };
- [root@kai ~]# systemctl restart named
- [root@kai ~]# dig sip.vpn
- ; <<>> DiG 9.13.3 <<>> sip.vpn
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20155
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ; COOKIE: a139de1b9ae23867c3046a765bc512358f33bf268fd725d7 (good)
- ;; QUESTION SECTION:
- ;sip.vpn. IN A
- ;; Query time: 27 msec
- ;; SERVER: 127.0.0.1#53(127.0.0.1)
- ;; WHEN: Di Okt 16 00:18:29 CEST 2018
- ;; MSG SIZE rcvd: 64
- [root@kai ~]#
- In all the SERVFAIL and NXDOMAIN cases, the server at 44.0.0.8 doesn't even seem to get a query according to tcpdump
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement