1

I've looked up two questions here at serverfault, but my question's a little different in specificity - when running the dig command with the +norecurs option (I'm trying to experiment with cache here - by running it once with +norecurs and another time without), I get the REFUSED stats as shown below. Would appreciate an explanation of why this happens instead of returning with a NOERROR status normally. Thanks!

dig www.mangabb.me +norecurs


; <<>> DiG 9.8.3-P1 <<>> www.mangabb.me +norecurs
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 20157
;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.mangabb.me.            IN  A

;; Query time: 2 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Wed Apr  2 21:39:37 2014
;; MSG SIZE  rcvd: 32

**UPDATE: Okay, I tried specifying a server like this:

dig @202.120.224.26 www.mangabb.me +norecurs and it worked!

Why does the root server . not work?

MichelZ
  • 11,068
  • 4
  • 32
  • 59
blazonix
  • 113
  • 1
  • 5
  • 1
    dig without an `@` option will default to your local nameservers as configured in `/etc/resolv.conf`. 192.168.1.1 is the server you need to blame, not the root servers. – NickW Apr 02 '14 at 14:08
  • If 192.168.1.1 is running Bind 9, have a look at the option `allow-query-cache{}` – NickW Apr 02 '14 at 14:53
  • Ahh...I see what you mean - still new to this terminology. Will keep that in mind for future reference. Thanks! – blazonix Apr 02 '14 at 15:20
  • The Bind option I mentioned will return an error if it is set to not allow cache queries, though if it does allow recursion, that means it's no longer a caching DNS server (which would be odd). Here's a bit more info: http://www.zytrax.com/books/dns/ch7/queries.html#allow-query-cache – NickW Apr 02 '14 at 15:23

0 Answers0