Ken Price wrote:
This line ...
;; SERVER: 4.2.2.1#53(4.2.2.1)
... tells you the DNS server which returned the result, which in this case, is more than likely a caching (recursive) DNS server. If verbose enough logging is enabled on that caching server, it should tell you which primary DNS server returned a particular query result. The "@ns1.myserver" feature in DIG allows you to do that test directly from your workstation to the primary DNS server(s). Is there any particular reason this won't work for you? Perhaps if you explained your problem in more detail, someone on this list could offer alternative methods of troubleshooting.
Regards, Ken
----- Message from Rudi@SoftDux.com --------- Date: Mon, 07 Jul 2008 17:38:22 +0200 From: Rudi Ahlers Rudi@SoftDux.com Reply-To: CentOS mailing list centos@centos.org Subject: Re: [CentOS] how do I find out which nameserver returns a DNS query? To: CentOS mailing list centos@centos.org
Hi Ken
I thought dig would return it, but it doesn't.
Look at this:
dig hfserver1.hostfactor.co.za
; <<>> DiG 9.3.3rc2 <<>> hfserver1.hostfactor.co.za ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17016 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION: ;hfserver1.hostfactor.co.za. IN A
;; ANSWER SECTION: hfserver1.hostfactor.co.za. 6000 IN A 196.34.136.50
;; Query time: 287 msec ;; SERVER: 4.2.2.1#53(4.2.2.1) ;; WHEN: Mon Jul 7 17:36:45 2008 ;; MSG SIZE rcvd: 60
I know I can dig @server - but I want to know which is the active server that returns a result at the moment
--
Ok, sorry, let me re-phrase.
I want to know on my own server, which of my nameservers replied to the DNS query. In this example 4.2.2.1 is our ISP's upstream DNS server, which is configured in /etc/resolv.conf - so it should technically appear there.
But, let's say I query host1.myserver.co.za - and myserver.co.za is on another server, and has ns1.myserver.co.za, ns2.myserver.co.za, ns3myserver.co.za & ns4.myserver.co.za
So, as far as I know, any one of those can reply (round robbin DNS?), but I would like to know which one replies for this particular dig. Is that possible? I don't want to specify a server to query, I want to find out which of the 4 returns the query. If it's a cached reply, does it mean I won't see it?