tcp - DNS: can't dig 8.8.8.8 directly

23
2014-04
  • private data public channel 2
    me@ubuntu:# dig @8.8.8.8 google.com
    
    ; <<>> DiG 9.9.2-P2 <<>> @8.8.8.8 google.com
    ; (1 server found)
    ;; global options: +cmd
    ;; connection timed out; no servers could be reached
    
    me@ubuntu:# dig @8.8.8.8 google.com +tcp
    
    ; <<>> DiG 9.9.2-P2 <<>> @8.8.8.8 google.com +tcp
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60080
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 16, AUTHORITY: 0, ADDITIONAL: 1
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 512
    ;; QUESTION SECTION:
    ;google.com.            IN  A
    
    ;; ANSWER SECTION:
    google.com.     300 IN  A   46.28.247.93
    google.com.     300 IN  A   46.28.247.104
    google.com.     300 IN  A   46.28.247.113
    google.com.     300 IN  A   46.28.247.98
    google.com.     300 IN  A   46.28.247.114
    google.com.     300 IN  A   46.28.247.84
    google.com.     300 IN  A   46.28.247.119
    google.com.     300 IN  A   46.28.247.109
    google.com.     300 IN  A   46.28.247.89
    google.com.     300 IN  A   46.28.247.88
    google.com.     300 IN  A   46.28.247.108
    google.com.     300 IN  A   46.28.247.99
    google.com.     300 IN  A   46.28.247.118
    google.com.     300 IN  A   46.28.247.94
    google.com.     300 IN  A   46.28.247.103
    google.com.     300 IN  A   46.28.247.123
    
    ;; Query time: 33 msec
    ;; SERVER: 8.8.8.8#53(8.8.8.8)
    ;; WHEN: Tue May  7 22:51:45 2013
    ;; MSG SIZE  rcvd: 295
    

    and:

    me@ubuntu:# dig google.com +tcp
    ;; Connection to 192.168.1.1#53(192.168.1.1) for google.com failed: connection refused.
    
    ; <<>> DiG 9.9.2-P2 <<>> google.com +tcp
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 51835
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;google.com.            IN  A
    
    ;; Query time: 1 msec
    ;; SERVER: 127.0.1.1#53(127.0.1.1)
    ;; WHEN: Tue May  7 22:52:06 2013
    ;; MSG SIZE  rcvd: 28
    
    me@ubuntu:# dig google.com
    
    ; <<>> DiG 9.9.2-P2 <<>> google.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13226
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 16, AUTHORITY: 0, ADDITIONAL: 1
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 512
    ;; QUESTION SECTION:
    ;google.com.            IN  A
    
    ;; ANSWER SECTION:
    google.com.     268 IN  A   46.28.247.93
    google.com.     268 IN  A   46.28.247.104
    google.com.     268 IN  A   46.28.247.113
    google.com.     268 IN  A   46.28.247.98
    google.com.     268 IN  A   46.28.247.114
    google.com.     268 IN  A   46.28.247.84
    google.com.     268 IN  A   46.28.247.119
    google.com.     268 IN  A   46.28.247.109
    google.com.     268 IN  A   46.28.247.89
    google.com.     268 IN  A   46.28.247.88
    google.com.     268 IN  A   46.28.247.108
    google.com.     268 IN  A   46.28.247.99
    google.com.     268 IN  A   46.28.247.118
    google.com.     268 IN  A   46.28.247.94
    google.com.     268 IN  A   46.28.247.103
    google.com.     268 IN  A   46.28.247.123
    
    ;; Query time: 53 msec
    ;; SERVER: 127.0.1.1#53(127.0.1.1)
    ;; WHEN: Tue May  7 22:52:17 2013
    ;; MSG SIZE  rcvd: 295
    

    Question: what can I do or check?

  • Answers
  • Seasoned Advice (cooking)

    Would seem that your access to port 53 outside the LAN has been blocked - not unusual on a corporate network.
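
An added example, not part of the original answer: a way to check which transport to port 53 is actually being dropped, mirroring the `dig` and `dig +tcp` runs in the question. The function names are hypothetical; the server `8.8.8.8` and the name `google.com` are the values used in the question.

```python
import socket
import struct

def build_query(name, qid=0x1234):
    """Minimal DNS A/IN query with RD set (RFC 1035 wire format)."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_header(msg):
    """Return (id, rcode, ancount) from the fixed 12-byte DNS header."""
    qid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return qid, flags & 0xF, an

def probe(server, name, transport, timeout=3.0):
    """Send one query; return 'ok', 'timeout', 'refused', 'error' or 'rcode=N'."""
    query = build_query(name)
    try:
        if transport == "udp":
            with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
                s.settimeout(timeout)
                s.sendto(query, (server, 53))
                data, _ = s.recvfrom(4096)
        else:
            with socket.create_connection((server, 53), timeout=timeout) as s:
                s.sendall(struct.pack("!H", len(query)) + query)  # TCP adds a 2-byte length prefix
                with s.makefile("rb") as f:
                    data = f.read(struct.unpack("!H", f.read(2))[0])
        rcode = parse_header(data)[1]
    except socket.timeout:
        return "timeout"
    except ConnectionRefusedError:
        return "refused"
    except (OSError, struct.error):
        return "error"
    return "ok" if rcode == 0 else "rcode=%d" % rcode

def classify(udp, tcp):
    """Turn the two probe results into a statement about the path to port 53."""
    up = lambda r: r == "ok" or r.startswith("rcode=")  # any DNS reply proves reachability
    if up(udp):
        return "no filtering observed" if up(tcp) else "TCP/53 blocked or not served, UDP/53 open"
    return "UDP/53 filtered, TCP/53 open" if up(tcp) else "port 53 unreachable on both transports"

if __name__ == "__main__":
    udp, tcp = (probe("8.8.8.8", "google.com", t) for t in ("udp", "tcp"))
    print("udp=%s tcp=%s -> %s" % (udp, tcp, classify(udp, tcp)))
```

A UDP timeout paired with a TCP answer, as in the question's first two `dig` runs, means only UDP/53 is filtered on the path to that server.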


  • Related Question

    networking - dig lookup different from system lookup
  • simao

    I am running dd-wrt and I configured its DNS server to resolve a few hosts inside my network.

    When I use dig to lookup these hosts, they are resolved OK, but when I try to ping those hosts I always receive an unknown host error message.

    For example:

    obe:~ simao$ dig dd-wrt
    ; <<>> DiG 9.6.0-APPLE-P2 <<>> dd-wrt
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44026
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;dd-wrt.                IN  A
    
    ;; ANSWER SECTION:
    dd-wrt.         0   IN  A   192.168.1.1
    

    But then:

    obe:~ simao$ ping dd-wrt
    ping: cannot resolve dd-wrt: Unknown host
    

    Any ideas?

    Thanks.


  • Related Answers
  • cmbrnt

    This seems to me like a Mac OS X specific problem, after doing some googling. I found quite a few threads on forums discussing this issue. An example:

    http://discussions.apple.com/thread.jspa?threadID=2213373

    Apparently it could be because your /etc/resolv.conf has two DNS servers configured, and dig goes through both of them to find the host 'dd-wrt', while ping gives up after using only one of the DNS servers. Try reversing the order of your servers in resolv.conf.