<div dir="ltr"><div><div><div>Looks like you solved it. I can get a successful result from here.<br><br>jgs@musashi:~$ dig +short @<a href="http://69.36.158.33">69.36.158.33</a> <a href="http://mail.rwjf.org">mail.rwjf.org</a> <br>

63.124.222.60<br><br></div>But it sounds like your problem was with UDP queries not being answered. Reasons why include a DNS server configuration parameter (is it configured to listed on UDP port 53?), or a firewall rule.<br>

<br></div>Anyway, it's undoubtedly a local configuration issue.<br><br></div>Cheers,<br>Jonathan<br></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Sat, Mar 2, 2013 at 6:06 PM, Mohamed Lrhazi <span dir="ltr"><<a href="mailto:ml623@georgetown.edu" target="_blank">ml623@georgetown.edu</a>></span> wrote:<br>

<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Sorry posting this here.. <div><br></div><div>What could possibly cause this:</div><div><br></div><div>
One, and only one specific query so far, is failing, systematically, like so, on a mail appliance of ours:</div>


<div><br></div><div><div style="font-size:13px;font-family:arial,sans-serif">> dig @<a href="http://69.36.158.33/" target="_blank">69.36.158.33</a> <a href="http://mail.rwjf.org/" target="_blank">mail.rwjf.org</a> </div>



<div style="font-size:13px;font-family:arial,sans-serif"><br></div><div style="font-size:13px;font-family:arial,sans-serif"><br></div><div style="font-size:13px;font-family:arial,sans-serif">

; <<>> DiG 9.4.3-P2 <<>> @<a href="http://69.36.158.33/" target="_blank">69.36.158.33</a> <a href="http://mail.rwjf.org/" target="_blank">mail.rwjf.org</a> A</div><div style="font-size:13px;font-family:arial,sans-serif">



; (1 server found)</div><div style="font-size:13px;font-family:arial,sans-serif">;; global options:  printcmd</div><div style="font-size:13px;font-family:arial,sans-serif">;; connection timed out; no servers could be reached</div>



<div style="font-size:13px;font-family:arial,sans-serif"><br></div><div style="font-size:13px;font-family:arial,sans-serif"><br></div><div><font color="#000000" face="arial, sans-serif">Using +tcp works. same query against google public DNS works. Same query from other systems in our network works.</font></div>



<div style="font-size:13px;font-family:arial,sans-serif"><br></div><div><font color="#000000" face="arial, sans-serif">tcpdump and whireshark, show, in pcap taken on the appliance itself, the reply came back pretty quick and looks correct:</font></div>



<div style="font-size:13px;font-family:arial,sans-serif"><br></div><div><font color="#000000" face="arial, sans-serif">3<span style="white-space:pre-wrap"> </span>12:27:46.045245<span style="white-space:pre-wrap"> </span>141.161.2.147<span style="white-space:pre-wrap">   </span>69.36.158.33<span style="white-space:pre-wrap">    </span>DNS<span style="white-space:pre-wrap">     </span>Standard query A <a href="http://mail.rwjf.org" target="_blank">mail.rwjf.org</a><span style="white-space:pre-wrap">       </span>62431<span style="white-space:pre-wrap">   </span>53</font><br>



</div><div><font color="#000000" face="arial, sans-serif">4<span style="white-space:pre-wrap">    </span>12:27:46.054869<span style="white-space:pre-wrap"> </span>69.36.158.33<span style="white-space:pre-wrap">    </span>141.161.2.147<span style="white-space:pre-wrap">   </span>DNS<span style="white-space:pre-wrap">     </span>Standard query response A <a href="tel:63.124.222.60" value="+16312422260" target="_blank">63.124.222.60</a><span style="white-space:pre-wrap">  </span>53<span style="white-space:pre-wrap">      </span>62431<br>



</font></div><div><font color="#000000" face="arial, sans-serif"><br></font></div><div><font color="#000000" face="arial, sans-serif">But dig (and the mail software in the appliance) fails.</font></div><div><font color="#000000" face="arial, sans-serif"><br>



</font></div><div><span style="font-family:arial,sans-serif">Thanks a lot,</span><br></div><div><font color="#000000" face="arial, sans-serif">Mohamed.</font></div></div></div>
<br>_______________________________________________<br>
dns-operations mailing list<br>
<a href="mailto:dns-operations@lists.dns-oarc.net">dns-operations@lists.dns-oarc.net</a><br>
<a href="https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-jobs" target="_blank">https://lists.dns-oarc.net/mailman/listinfo/dns-operations<br>
dns-jobs</a> mailing list<br>
<a href="https://lists.dns-oarc.net/mailman/listinfo/dns-jobs" target="_blank">https://lists.dns-oarc.net/mailman/listinfo/dns-jobs</a><br></blockquote></div><br><br clear="all"><br>-- <br>     Jonathan
</div>