[Unbound-users] unbound fail to resolve a PTR

W.C.A. Wijngaards wouter at nlnetlabs.nl
Tue Jun 24 08:32:43 UTC 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Andreas,

On 06/24/2014 09:28 AM, sca at andreasschulze.de wrote:
> 
> Hello,
> 
> unbound fail to resolve a specific PTR while other (most!) do
> work. I noticed that one because my MTA rejects a message with
> "can't find reverse hostname" ...

The reason is that the authorities drop queries with uppercase in the
query name (they do not conform to the RFCs).  I have fixed unbound
use-caps-for-id feature, that you are using here, to fallback and
attempt to resolve without the upper-lowercase mixing when there are
timeouts.  This fixes the lookup of this PTR.

I also fixed a bug in the 0x20 fallback procedure in unbound.

I think that this domain will not resolve if the client (i.e. end
resolver) uses uppercase in the query name.  So there are likely
resolution failures for anyone typing their website in uppercase into
the web-browser ... (well, on an empty cache).

Best regards,
   Wouter


> $ restart_unbound_to_enforce_an_empty_cache $ dig
> 224.243.93.193.in-addr.arpa. PTR
> 
> ; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> 224.243.93.193.in-addr.arpa.
> PTR ;; global options: +cmd ;; connection timed out; no servers
> could be reached
> 
> 
> but using the +trace option it looks better: $ dig
> 224.243.93.193.in-addr.arpa. PTR +trace
> 
> ; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> 224.243.93.193.in-addr.arpa.
> PTR +trace ;; global options: +cmd .                       518377
> IN      NS      h.root-servers.net. .                       518377
> IN      NS      i.root-servers.net. .                       518377
> IN      NS      j.root-servers.net. .                       518377
> IN      NS      k.root-servers.net. .                       518377
> IN      NS      l.root-servers.net. .                       518377
> IN      NS      m.root-servers.net. .                       518377
> IN      NS      a.root-servers.net. .                       518377
> IN      NS      b.root-servers.net. .                       518377
> IN      NS      c.root-servers.net. .                       518377
> IN      NS      d.root-servers.net. .                       518377
> IN      NS      e.root-servers.net. .                       518377
> IN      NS      f.root-servers.net. .                       518377
> IN      NS      g.root-servers.net. ;; Received 228 bytes from
> ::1#53(::1) in 3072 ms
> 
> in-addr.arpa.           172800  IN      NS
> a.in-addr-servers.arpa. in-addr.arpa.           172800  IN      NS
> b.in-addr-servers.arpa. in-addr.arpa.           172800  IN      NS
> c.in-addr-servers.arpa. in-addr.arpa.           172800  IN      NS
> d.in-addr-servers.arpa. in-addr.arpa.           172800  IN      NS
> e.in-addr-servers.arpa. in-addr.arpa.           172800  IN      NS
> f.in-addr-servers.arpa. ;; Received 421 bytes from
> 2001:503:c27::2:30#53(2001:503:c27::2:30) in 1558 ms
> 
> 193.in-addr.arpa.       86400   IN      NS      ns3.nic.fr. 
> 193.in-addr.arpa.       86400   IN      NS
> pri.authdns.ripe.net. 193.in-addr.arpa.       86400   IN      NS
> sec1.apnic.net. 193.in-addr.arpa.       86400   IN      NS
> sec3.apnic.net. 193.in-addr.arpa.       86400   IN      NS
> sns-pb.isc.org. 193.in-addr.arpa.       86400   IN      NS
> tinnie.arin.net. ;; Received 201 bytes from
> 196.216.169.10#53(196.216.169.10) in 765 ms
> 
> 243.93.193.in-addr.arpa. 172800 IN      NS      ns2.cloud4you.biz. 
> 243.93.193.in-addr.arpa. 172800 IN      NS      ns1.cloud4you.biz. 
> ;; Received 94 bytes from 202.12.29.59#53(202.12.29.59) in 554 ms
> 
> 224.243.93.193.in-addr.arpa. 86400 IN   PTR
> relay2.netsol4u.de. ;; Received 77 bytes from
> 193.93.242.42#53(193.93.242.42) in 10 ms
> 
> $ cat /etc/unbound/unbound.conf server: chroot: /var/lib/unbound 
> do-daemonize: no extended-statistics: yes logfile: "" log-queries:
> yes pidfile: "" rrset-roundrobin: yes statistics-interval: 3600 
> statistics-cumulative: yes use-caps-for-id: yes val-log-level: 2 
> val-permissive-mode: yes trust-anchor: ". DS 19036 8 2 
> 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5" 
> access-control: ::1 allow_snoop interface: ::1
> 
> $ cat /etc/resolv.conf nameserver ::1
> 
> Any pointers to solve that issue?
> 
> Thanks Andreas
> 
> _______________________________________________ Unbound-users
> mailing list Unbound-users at unbound.net 
> http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJTqTemAAoJEJ9vHC1+BF+NI4QP/3kyG7+FYqyrLCd7ehDoK/eJ
FiivqrfJIQvPIf+BWKVoq0cQkmvqG6ONYyo2qgDHS5DN7uOva/niA703nETBS3kW
Qtuc7+qsktE+DJ+Qaq9LgP/6kL3BZQH+wHKrQj1LOy2dKZtFcHHWesy17IygSwni
XNbzK5sBcAhcCoCMnq379LL62+1bmIPwacLfiLGkvS6YDo5XP4Y665jieczfUalF
cU0mYN9tEeq2QHTlXMCL6zSfe12xmWr/t9/oXMKhT3EcnznHmmtcRoMhnArnQzjH
ztlujwBnEij9dTXqCXiyh/YlQJb1lMDdlvqslmW4zqtit5RhMzQUj97OypwWlPsK
ssPUF5XsZHRD+zgK+NTP9QOh7nmTB/AkL3xI9ryNYGKYS3DixaiSo7QmXd+XmtYK
AjTpojZAebJDfkGr17T/C6LIyMiGC6C34u6UIVc/zLd+A+F21HKQOM3QrziL1ef5
qxiockuS1luNrUvs/rmc46xV+P0IcEy521GBCqv8A9flb+va8hk3egOfEAQIpeKr
yk8MWJ0A2QJFFP4Zp7fXwaIkYEuFlFSS2f1314ky8G/sLKwypRq6xgA1Hz6lCBJW
/Pu1bPWvUSNISgE7NHX9Hexkd4gqlCGKtijaTgwlZgm/atoLDRtcXBoytBxoHrJd
aLU8FGuzW5ThXHbrYcBf
=qWP9
-----END PGP SIGNATURE-----



More information about the Unbound-users mailing list