1

I changed my DNS and I'm having this problem:

> host grupoesoc.es
grupoesoc.es has address 178.62.234.188
grupoesoc.es has IPv6 address 2a03:b0c0:2:d0::127:6001
grupoesoc.es mail is handled by 20 alt2.aspmx.l.google.com.
grupoesoc.es mail is handled by 20 alt1.aspmx.l.google.com.
grupoesoc.es mail is handled by 30 aspmx3.googlemail.com.
grupoesoc.es mail is handled by 10 aspmx.l.google.com.

> host -a grupoesoc.es
Trying "grupoesoc.es"
Host grupoesoc.es not found: 5(REFUSED)
Received 30 bytes from 212.145.4.97#53 in 79 ms

What's happening? Why I cannot read with -a but yes without it?

Additional info: Ping works, I already disconnected and reconnected from my network, HTTP browsing works.

Yajo
  • 292
  • 2
  • 3
  • 8
  • Did you checked your firewall configuration ? – Froggiz Dec 18 '15 at 12:21
  • I was going to test the hypothesis that the ANY query perhaps did a TCP request and that your server only accepts UDP. But even though I could reproduce your results, I can't anymore. It just works, it seems. – Halfgaar Dec 18 '15 at 12:45
  • What did you change about your DNS? – Paul Haldane Dec 18 '15 at 12:54
  • 1
    That looks like the version of `host` that you're using doesn't understand the `-a` flag and is taking that as the query with `grupoesec.es` as the server name. Do you have multiple versions of `host` installed? An alias/function changing the default behaviour? What happens if you try explicitly running `/usr/bin/host -a grupoesec.es` ? – Paul Haldane Dec 18 '15 at 12:57
  • The error message makes it sound like the ALL query was refused by one of the upstream DNS servers. The output says the query made it out the door, but something stopped it. – Andrew Domaszek Dec 18 '15 at 13:01
  • I get a SERVFAIL when I try it. You should probably be speaking to 1&1. – Michael Hampton Dec 18 '15 at 14:40

1 Answers1

2

When you are not using -a, host is sending distinct requests to get the A record and the MX records.

host -a does not work because your DNS servers (well, the 1&1 DNS servers) are refusing queries of type ANY. This is usually not a problem, it's more of a security feature.

Law29
  • 3,557
  • 1
  • 16
  • 28
  • They seem to have fixed that after awhile, but the question was not how to fix, but why, so this is the right answer. Thanks! – Yajo Dec 21 '15 at 11:40