> I=B4m using bind version 9.3.0 configured as a dns cache server. I=B4m
> experiencing a strange situation here and I have no idea if it is a
> bug issue or not. Just wanna some help from you gurus... When I try
> to resolve www.jfce.gov.br using this dns
> server I receive a timeout response. I traced this query using debug
> level 99. Do anyone have any clue of what I s going on? =20
> 10-Nov-2004 12:21:34.351 dispatch 0x81f1f38 response 0x821e578
> 200.166.132.11#53: attached to task 0x81f9f88
>=20
> 10-Nov-2004 12:21:34.351 resquery 0x821f3e8 (fctx=20
> 0x821ad58(www.jfce.gov.br/A)): sent


> > It has found 200.166.132.11, which is one of the nameservers for =

jfce.gov.br

> 10-Nov-2004 12:21:36.351 dispatch 0x81f1f38 response 0x821f6d0 =

200.166.132.10#53: attached to task 0x81f9f88

> > And 200.166.132.10 is the other one, so looks like a problem between
> > your server and those two. Can you query them directly, eg
> > dig @200.166.132.10 www.jfce.gov.br. a +norec
> >I can from here. Ah, but not if I use port 53 as the query-source,
> > so could be their firewall is refusing queries from port 53.


Hi Ronan,

Firewall? Hmm, do you know some tool to make dns request choosing the =
port for the query-source?

I tried (looks good):

$ dig @200.166.132.10 www.jfce.gov.br. a +norec

; <<>> DiG 9.2.3 <<>> @200.166.132.10 www.jfce.gov.br. a +norec
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39425
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.jfce.gov.br. IN A

;; ANSWER SECTION:
www.jfce.gov.br. 78000 IN A 200.166.132.18

;; AUTHORITY SECTION:
jfce.gov.br. 78000 IN NS ns1.jfce.gov.br.
jfce.gov.br. 78000 IN NS ns2.jfce.gov.br.

;; ADDITIONAL SECTION:
ns1.jfce.gov.br. 78000 IN A 200.166.132.10
ns2.jfce.gov.br. 78000 IN A 200.166.132.11

;; Query time: 62 msec
;; SERVER: 200.166.132.10#53(200.166.132.10)
;; WHEN: Thu Nov 11 11:07:55 2004
;; MSG SIZE rcvd: 117


$ dig @200.166.132.11 www.jfce.gov.br. a +norec

; <<>> DiG 9.2.3 <<>> @200.166.132.11 www.jfce.gov.br. a +norec
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 323
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.jfce.gov.br. IN A

;; ANSWER SECTION:
www.jfce.gov.br. 78000 IN A 200.166.132.18

;; AUTHORITY SECTION:
jfce.gov.br. 78000 IN NS ns1.jfce.gov.br.
jfce.gov.br. 78000 IN NS ns2.jfce.gov.br.

;; ADDITIONAL SECTION:
ns1.jfce.gov.br. 78000 IN A 200.166.132.10
ns2.jfce.gov.br. 78000 IN A 200.166.132.11

;; Query time: 60 msec
;; SERVER: 200.166.132.11#53(200.166.132.11)
;; WHEN: Thu Nov 11 11:08:27 2004
;; MSG SIZE rcvd: 117