Why can host and nslookup resolve a name but dig cannot?

domain-name-system dig nslookup host

Can anyone tell me why this is happening? I can resolve a hostname using host and/or nslookup but forward lookups do not work with dig; reverse lookups do:

musashixxx@box:~$ host someserver
someserver.somenet.internal has address 192.168.0.252
musashixxx@box:~$ host 192.168.0.252
252.0.168.192.in-addr.arpa domain name pointer someserver.somenet.internal.
musashixxx@box:~$ nslookup someserver
Server:     192.168.0.253
Address:    192.168.0.253#53

Name:   someserver.somenet.internal
Address: 192.168.0.252
musashixxx@box:~$ nslookup 192.168.0.252
Server:     192.168.0.253
Address:    192.168.0.253#53

252.0.168.192.in-addr.arpa  name = someserver.somenet.internal.

musashixxx@box:~$ dig someserver

; <<>> DiG 9.8.1-P1 <<>> someserver
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 55306
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;someserver.            IN  A

;; Query time: 0 msec
;; SERVER: 192.168.0.253#53(192.168.0.253)
;; WHEN: Wed Oct  3 15:47:38 2012
;; MSG SIZE  rcvd: 27

musashixxx@box:~$ dig -x 192.168.0.252

; <<>> DiG 9.8.1-P1 <<>> -x 192.168.0.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28126
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;252.0.168.192.in-addr.arpa.    IN  PTR

;; ANSWER SECTION:
252.0.168.192.in-addr.arpa. 3600 IN PTR someserver.somenet.internal.

;; Query time: 0 msec
;; SERVER: 192.168.0.253#53(192.168.0.253)
;; WHEN: Wed Oct  3 15:49:11 2012
;; MSG SIZE  rcvd: 86

Here's what my resolv.conf looks like:

nameserver 192.168.0.253
search somenet.internal

Is this behavior normal? Any thoughts?


Solution 1:

It's the default behaviour of dig not to use the search-option.

From the manual page:

   +[no]search
       Use [do not use] the search list defined by the searchlist or
       domain directive in resolv.conf (if any). The search list is not
       used by default.

Edit: Just add +search to make it work, like dig +search myhost.

Solution 2:

In my case, it is a bug in Microsoft DNS Server, where it returns FORMERR response (request format error) for requests with EDNS Cookie option set. Newer versions of dig (9.11 and up) use dns-cookies by default. This can be prevented by +nocookie or +noedns flag to dig:

$ dig +nocookie DOMAIN @SERVER

Source: https://kevinlocke.name/bits/2017/01/20/formerr-from-microsoft-dns-server-for-dig/

Related

Change current directory to the batch file directory
How to automatically start supervisord on Linux (Ubuntu)
windows 10 ssh proxycommand: "posix_spawn: No such file or directory"
What is the command to flash a NIC link light?
Why do we ping the IP 4.2.2.2 to test connectivity?
Configuring Systemd Service to run with root access
strongswan vs openswan
prevent xargs from quitting on error
How do I empty /dev/null? [closed]
where are the default ulimit values set? (linux, centos)
How to detect whether a user is using USB tethering?
How do you handle "CMD does not support UNC paths as current directories"?