Replacing BIND with unbound

Mark Blackman mark at exonetric.com
Mon Jul 9 22:23:08 UTC 2012


On 9 Jul 2012, at 23:01, Dag-Erling Smørgrav wrote:

> Mark Blackman <mark at exonetric.com> writes:
>> I never use '-t' with dig. drill *told* me I should use '-t' then
>> completely failed to acknowledge I had done so.
>> 
>> Marks-Macbook% drill -t www.google.com
>> [...]
>> ;; WARNING: The answer packet was truncated; you might want to
>> ;; query again with TCP (-t argument), or EDNS0 (-b for buffer size)
> 
> So you got a truncated response and used -t, it didn't help, and drill
> printed the boilerplate warning message that it always prints when it
> gets a truncated response.  I don't know about you, but I would call
> that a cosmetic nit.
> 
> Unless, of course, you had tcpdump running while you did this and it
> turns out that drill sent a UDP request in spite of -t?  It works fine
> (i.e. it uses UDP by default, and TCP when asked to) for me.

Yes, I worked out it was boilerplate for the general condition. A cosmetic
nit that makes me do a double-take on my first usage strikes me as 
rough around the edges. YMMV. drill certainly looks like a drop-in 
replacement for the common case as you suggest. But if it's not called
'dig' and I've never heard of 'drill', I'm unlikely to reach for 'drill',
hence the alias suggestion.  I *had* never heard of 'drill' until
this thread came up.

> FWIW, the reply I got was not truncated.  Perhaps there is a transparent
> DNS proxy somewhere between you and 178.250.72.130 - quite common with
> broadband CPE.

I have detected some kind of stealth DNS interception at work
in the past, although I think it's more central than the CPE.

Mark


More information about the freebsd-hackers mailing list