How to enable nameserver recursion?

ubuntu dns resolv.conf dig
16,986

The DNS resolver will only move onto the other name servers if the first one returns an error (i.e SERVFAIL) or can't be reached. If the DNS server returns NXDOMAIN then the resolver considers that the proper answer and won't check the others. NXDOMAIN is considered a final definitive answer that the requested domain does not exist.

In your case the first namserver is reached and is denying you.

In that namserver's named.conf you should have something like allow-query { any; };

Or

One solution might be to temporarily change the order of the nameservers in /etc/resolv.conf & put 8.8.8.8 first

Or

Just to direct dig to use 8.8.8.8 as the DNS server at command line you can do :

dig @8.8.8.8 google.de

Share:
16,986

Related videos on Youtube

Gottlieb Notschnabel
Author by

Gottlieb Notschnabel

Updated on September 18, 2022

Comments

  • Gottlieb Notschnabel
    Gottlieb Notschnabel over 1 year

    On Ubuntu 14.04, when I'm performing a

    dig google.de

    on my machine, I get a REFUSED status (reducing to relevant lines):

    me@machine:~# dig google.de
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 26926
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

    My /etc/resolv.conf knows three nameservers:

    nameserver 1.2.3.4
nameserver 1.2.3.5
nameserver 8.8.8.8

    where the first two are corporate owned nameservers. But at least the last one (8.8.8.8) shouldn't return a refused status. So how can I enable recursion so that the last nameserver is considered?

    • neuron
      neuron almost 9 years
      Can you paste the named.conf configurations?
    • neuron
      neuron almost 9 years
      You should have allow-query { any; }; in that
    • Gottlieb Notschnabel
      Gottlieb Notschnabel almost 9 years
      There is no named.conf on that machine; find / -name "named.conf" returns nothing...
    • neuron
      neuron almost 9 years
      That will be there on your nameserver..
  • Gottlieb Notschnabel
    Gottlieb Notschnabel almost 9 years
    Thank you! Do I have to restart something after modifying resolv.conf (and if yes: how)?
  • Wouter Verhelst
    Wouter Verhelst almost 9 years
    No, that's not necessary. It will be picked up immediately.
  • Gottlieb Notschnabel
    Gottlieb Notschnabel almost 9 years
    Funnily I still get the same behaviour. And although 8.8.8.8 is the first nameserver now, dig still returns ;; SERVER: 1.2.3.4#53(1.2.3.4)...
  • YoMismo
    YoMismo almost 9 years
    @Neuron, you can specify a server for lookup in the dig command avoiding modifying files: dig @8.8.8.8 google.de
  • neuron
    neuron almost 9 years
    @YoMismo: Agree, edited my post to include your suggestion

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Ubuntu server cannot access the Internet: appears DNS related
Proper DNS suffix setup Ubuntu 17.04?
What overwrites /etc/resolv.conf roughly every hour?
Why doesn't systemd-resolved use my local DNS server?
Ubuntu: How to configure DNS servers in /etc/network/interfaces correctly for resolvconf?
How to persist “systemd-resolve” configuration for a particular network interface?
nslookup reported "can't resolve '(null)': Name does not resolve" though it successfully resolved the DNS names
My users get "net::err_name_not_resolved"
What's the name lookup differences between curl and nslookup
How does dig find my WAN-IP-address? What is "myip.opendns.com" doing?