Replacing BIND with unbound
Mark Blackman
mark at exonetric.com
Mon Jul 9 22:23:08 UTC 2012
On 9 Jul 2012, at 23:01, Dag-Erling Smørgrav wrote:
> Mark Blackman <mark at exonetric.com> writes:
>> I never use '-t' with dig. drill *told* me I should use '-t' then
>> completely failed to acknowledge I had done so.
>>
>> Marks-Macbook% drill -t www.google.com
>> [...]
>> ;; WARNING: The answer packet was truncated; you might want to
>> ;; query again with TCP (-t argument), or EDNS0 (-b for buffer size)
>
> So you got a truncated response and used -t, it didn't help, and drill
> printed the boilerplate warning message that it always prints when it
> gets a truncated response. I don't know about you, but I would call
> that a cosmetic nit.
>
> Unless, of course, you had tcpdump running while you did this and it
> turns out that drill sent a UDP request in spite of -t? It works fine
> (i.e. it uses UDP by default, and TCP when asked to) for me.
Yes, I worked out it was boilerplate for the general condition. A cosmetic
nit that makes me do a double-take on my first usage strikes me as
rough around the edges. YMMV. drill certainly looks like a drop-in
replacement for the common case as you suggest. But if it's not called
'dig' and I've never heard of 'drill', I'm unlikely to reach for 'drill',
hence the alias suggestion. I *had* never heard of 'drill' until
this thread came up.
> FWIW, the reply I got was not truncated. Perhaps there is a transparent
> DNS proxy somewhere between you and 178.250.72.130 - quite common with
> broadband CPE.
I have detected there is some kind of stealth DNS interception at work
in the past, although I think it's more central than the CPE.
Mark
More information about the freebsd-hackers
mailing list