In order to send 2FA emails from a PHP web site to myself, I set up an MX record override and created a firewall rule that allows access to the mail server for the destination domain, but when I attempt to send, sendmail writes to its log that email is accepted for delivery but never delvers. To test the DNS name resolution, I run nslookup and enter type=MX command, but it always prints: ;; communications error to 10.0.0.1#53: timed out ;; communications error to 10.0.0.1#53: timed out ;; communications error to 10.0.0.1#53: timed out ;; no servers could be reached When I ping, telnet, or curl, etc, the name resolution by that DNS server works fine. For example, it can install packages from Debian repos. From that little information about sendmail, which I was able to absorb, it sounds like all it needs to deliver to admin@example.com is an MX record for example.com to point at smtp.example.com. Correct me if I am wrong. All of these items seem to be in place: there is an MX record for example.com on my DNS server; it points at smtp.example.com that also has an A record; I am sending to admin@example.com; there is a firewall rule that allows the Linux box with sendmail to resolve names with the DNS server; there is a firewall rule that allows the Linux box with sendmail to send emails to smtp.example.com. All of this exists in my LAN and does not need any access to the outside Internet. How should I troubleshoot the sendmail delivery in this situation? **EDIT**: In the mean time I found out the root cause of the failing sendmail: it prepends whatever email address I use on the command line with the currently logged in user name (without regard to su), i.e. if my user name is myusername, then it changes me@mydomain to myusername@me@mydomain on the 1st attempt and myusername@mydomain on the 2nd attempt. Something is missing from sendmail.mc, but what is it?

I use dnsmasq with "hosts" as a domains table provider. When I am trying to nslookup mole.mishland, it throws that: nslookup mole.mishland Server: 192.168.0.34 Address: 192.168.0.34#53 Name: mole.mishland Address: 192.168.0.34 ** server can't find mole.mishland: REFUSED But I can succesfully dig, ping this domain and telnet 53 port: ; > DiG 9.18.28-0ubuntu0.22.04.1-Ubuntu > mole.mishland ;; global options: +cmd ;; Got answer: ;; ->>HEADERname queries for 192.168.3/24 to nameserver 10.1.2.3 #server=/3.168.192.in-addr.arpa/10.1.2.3 # Add local-only domains here, queries in these domains are answered # from /etc/hosts or DHCP only. #local=/localnet/ # Add domains which you want to force to an IP address here. # The example below send any host in double-click.net to a local # web-server. #address=/mole.mishland/192.168.0.34 # --address (and --server) work with IPv6 addresses too. #address=/www.thekelleys.org.uk/fe80::20d:60ff:fe36:f83 # Add the IPs of all queries to yahoo.com, google.com, and their # subdomains to the vpn and search ipsets: #ipset=/yahoo.com/google.com/vpn,search # Add the IPs of all queries to yahoo.com, google.com, and their # subdomains to netfilters sets, which is equivalent to # 'nft add element ip test vpn { ... }; nft add element ip test search { ... }' #nftset=/yahoo.com/google.com/ip#test#vpn,ip#test#search # Use netfilters sets for both IPv4 and IPv6: # This adds all addresses in *.yahoo.com to vpn4 and vpn6 for IPv4 and IPv6 addresses. #nftset=/yahoo.com/4#ip#test#vpn4 #nftset=/yahoo.com/6#ip#test#vpn6 # You can control how dnsmasq talks to a server: this forces # queries to 10.1.2.3 to be routed via eth1 # server=10.1.2.3@eth1 # and this sets the source (ie local) address used to talk to # 10.1.2.3 to 192.168.1.1 port 55 (there must be an interface with that # IP on the machine, obviously). # server=10.1.2.3@192.168.1.1#55 # If you want dnsmasq to change uid and gid to something other # than the default, edit the following lines. #user= #group= # If you want dnsmasq to listen for DHCP and DNS requests only on # specified interfaces (and the loopback) give the name of the # interface (eg eth0) here. # Repeat the line for more than one interface. interface=enp5s0 # Or you can specify which interface _not_ to listen on #except-interface= # Or which to listen on by address (remember to include 127.0.0.1 if # you use this.) listen-address=192.168.0.34, 127.0.0.1 # If you want dnsmasq to provide only DNS service on an interface, # configure it as shown above, and then use the following line to # disable DHCP and TFTP on it. #no-dhcp-interface= # On systems which support it, dnsmasq binds the wildcard address, # even when it is listening on only some interfaces. It then discards # requests that it shouldn't reply to. This has the advantage of # working even when interfaces come and go and change address. If you # want dnsmasq to really bind only the interfaces it is listening on, # uncomment this option. About the only time you may need this is when # running another nameserver on the same machine. bind-interfaces # If you don't want dnsmasq to read /etc/hosts, uncomment the # following line. #no-hosts # or if you want it to read another file, as well as /etc/hosts, use # this. #addn-hosts=/etc/banner_add_hosts # Set this (and domain: see below) if you want to have a domain # automatically added to simple names in a hosts-file. #expand-hosts # Set the domain for dnsmasq. this is optional, but if it is set, it # does the following things. # 1) Allows DHCP hosts to have fully qualified domain names, as long # as the domain part matches this setting. # 2) Sets the "domain" DHCP option thereby potentially setting the # domain of all systems configured by DHCP # 3) Provides the domain part for "expand-hosts" domain=mishland # Set a different domain for a particular subnet #domain=wireless.thekelleys.org.uk,192.168.2.0/24 # Same idea, but range rather then subnet #domain=reserved.thekelleys.org.uk,192.68.3.100,192.168.3.200 # Uncomment this to enable the integrated DHCP server, you need # to supply the range of addresses available for lease and optionally # a lease time. If you have more than one network, you will need to # repeat this for each network on which you want to supply DHCP # service. #dhcp-range=192.168.0.50,192.168.0.150,12h # This is an example of a DHCP range where the netmask is given. This # is needed for networks we reach the dnsmasq DHCP server via a relay # agent. If you don't know what a DHCP relay agent is, you probably # don't need to worry about this. #dhcp-range=192.168.0.50,192.168.0.150,255.255.255.0,12h # This is an example of a DHCP range which sets a tag, so that # some DHCP options may be set only for this network. #dhcp-range=set:red,192.168.0.50,192.168.0.150 # Use this DHCP range only when the tag "green" is set. #dhcp-range=tag:green,192.168.0.50,192.168.0.150,12h # Specify a subnet which can't be used for dynamic address allocation, # is available for hosts with matching --dhcp-host lines. Note that # dhcp-host declarations will be ignored unless there is a dhcp-range # of some type for the subnet in question. # In this case the netmask is implied (it comes from the network # configuration on the machine running dnsmasq) it is possible to give # an explicit netmask instead. #dhcp-range=192.168.0.0,static # Enable DHCPv6. Note that the prefix-length does not need to be specified # and defaults to 64 if missing/ #dhcp-range=1234::2, 1234::500, 64, 12h # Do Router Advertisements, BUT NOT DHCP for this subnet. #dhcp-range=1234::, ra-only # Do Router Advertisements, BUT NOT DHCP for this subnet, also try and # add names to the DNS for the IPv6 address of SLAAC-configured dual-stack # hosts. Use the DHCPv4 lease to derive the name, network segment and # MAC address and assume that the host will also have an # IPv6 address calculated using the SLAAC algorithm. #dhcp-range=1234::, ra-names # Do Router Advertisements, BUT NOT DHCP for this subnet. # Set the lifetime to 46 hours. (Note: minimum lifetime is 2 hours.) #dhcp-range=1234::, ra-only, 48h # Do DHCP and Router Advertisements for this subnet. Set the A bit in the RA # so that clients can use SLAAC addresses as well as DHCP ones. #dhcp-range=1234::2, 1234::500, slaac # Do Router Advertisements and stateless DHCP for this subnet. Clients will # not get addresses from DHCP, but they will get other configuration information. # They will use SLAAC for addresses. #dhcp-range=1234::, ra-stateless # Do stateless DHCP, SLAAC, and generate DNS names for SLAAC addresses # from DHCPv4 leases. #dhcp-range=1234::, ra-stateless, ra-names # Do router advertisements for all subnets where we're doing DHCPv6 # Unless overridden by ra-stateless, ra-names, et al, the router # advertisements will have the M and O bits set, so that the clients # get addresses and configuration from DHCPv6, and the A bit reset, so the # clients don't use SLAAC addresses. #enable-ra # Supply parameters for specified hosts using DHCP. There are lots # of valid alternatives, so we will give examples of each. Note that # IP addresses DO NOT have to be in the range given above, they just # need to be on the same network. The order of the parameters in these # do not matter, it's permissible to give name, address and MAC in any # order. # Always allocate the host with Ethernet address 11:22:33:44:55:66 # The IP address 192.168.0.60 #dhcp-host=11:22:33:44:55:66,192.168.0.60 # Always set the name of the host with hardware address # 11:22:33:44:55:66 to be "fred" #dhcp-host=11:22:33:44:55:66,fred # Always give the host with Ethernet address 11:22:33:44:55:66 # the name fred and IP address 192.168.0.60 and lease time 45 minutes #dhcp-host=11:22:33:44:55:66,fred,192.168.0.60,45m # Give a host with Ethernet address 11:22:33:44:55:66 or # 12:34:56:78:90:12 the IP address 192.168.0.60. Dnsmasq will assume # that these two Ethernet interfaces will never be in use at the same # time, and give the IP address to the second, even if it is already # in use by the first. Useful for laptops with wired and wireless # addresses. #dhcp-host=11:22:33:44:55:66,12:34:56:78:90:12,192.168.0.60 # Give the machine which says its name is "bert" IP address # 192.168.0.70 and an infinite lease #dhcp-host=bert,192.168.0.70,infinite # Always give the host with client identifier 01:02:02:04 # the IP address 192.168.0.60 #dhcp-host=id:01:02:02:04,192.168.0.60 # Always give the InfiniBand interface with hardware address # 80:00:00:48:fe:80:00:00:00:00:00:00:f4:52:14:03:00:28:05:81 the # ip address 192.168.0.61. The client id is derived from the prefix # ff:00:00:00:00:00:02:00:00:02:c9:00 and the last 8 pairs of # hex digits of the hardware address. #dhcp-host=id:ff:00:00:00:00:00:02:00:00:02:c9:00:f4:52:14:03:00:28:05:81,192.168.0.61 # Always give the host with client identifier "marjorie" # the IP address 192.168.0.60 #dhcp-host=id:marjorie,192.168.0.60 # Enable the address given for "judge" in /etc/hosts # to be given to a machine presenting the name "judge" when # it asks for a DHCP lease. #dhcp-host=judge # Never offer DHCP service to a machine whose Ethernet # address is 11:22:33:44:55:66 #dhcp-host=11:22:33:44:55:66,ignore # Ignore any client-id presented by the machine with Ethernet # address 11:22:33:44:55:66. This is useful to prevent a machine # being treated differently when running under different OS's or # between PXE boot and OS boot. #dhcp-host=11:22:33:44:55:66,id:* # Send extra options which are tagged as "red" to # the machine with Ethernet address 11:22:33:44:55:66 #dhcp-host=11:22:33:44:55:66,set:red # Send extra options which are tagged as "red" to # any machine with Ethernet address starting 11:22:33: #dhcp-host=11:22:33:*:*:*,set:red # Give a fixed IPv6 address and name to client with # DUID 00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2 # Note the MAC addresses CANNOT be used to identify DHCPv6 clients. # Note also that the [] around the IPv6 address are obligatory. #dhcp-host=id:00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2, fred, [1234::5] # Ignore any clients which are not specified in dhcp-host lines # or /etc/ethers. Equivalent to ISC "deny unknown-clients". # This relies on the special "known" tag which is set when # a host is matched. #dhcp-ignore=tag:!known # Send extra options which are tagged as "red" to any machine whose # DHCP vendorclass string includes the substring "Linux" #dhcp-vendorclass=set:red,Linux # Send extra options which are tagged as "red" to any machine one # of whose DHCP userclass strings includes the substring "accounts" #dhcp-userclass=set:red,accounts # Send extra options which are tagged as "red" to any machine whose # MAC address matches the pattern. #dhcp-mac=set:red,00:60:8C:*:*:* # If this line is uncommented, dnsmasq will read /etc/ethers and act # on the ethernet-address/IP pairs found there just as if they had # been given as --dhcp-host options. Useful if you keep # MAC-address/host mappings there for other purposes. #read-ethers # Set the DHCP server to enable DHCPv4 Rapid Commit Option per RFC 4039. # In this mode it will respond to a DHCPDISCOVER message including a Rapid Commit # option with a DHCPACK including a Rapid Commit option and fully committed address # and configuration information. This must only be enabled if either the server is # the only server for the subnet, or multiple servers are present and they each # commit a binding for all clients. #dhcp-rapid-commit # Run an executable when a DHCP lease is created or destroyed. # The arguments sent to the script are "add" or "del", # then the MAC address, the IP address and finally the hostname # if there is one. #dhcp-script=/bin/echo # Set the cachesize here. #cache-size=150 # If you want to disable negative caching, uncomment this. #no-negcache # Normally responses which come from /etc/hosts and the DHCP lease # file have Time-To-Live set as zero, which conventionally means # do not cache further. If you are happy to trade lower load on the # server for potentially stale date, you can set a time-to-live (in # seconds) here. #local-ttl= # If you want dnsmasq to detect attempts by Verisign to send queries # to unregistered .com and .net hosts to its sitefinder service and # have dnsmasq instead return the correct NXDOMAIN response, uncomment # this line. You can add similar lines to do the same for other # registries which have implemented wildcard A records. #bogus-nxdomain=64.94.110.11 # If you want to fix up DNS results from upstream servers, use the # alias option. This only works for IPv4. # This alias makes a result of 1.2.3.4 appear as 5.6.7.8 #alias=1.2.3.4,5.6.7.8 # and this maps 1.2.3.x to 5.6.7.x #alias=1.2.3.0,5.6.7.0,255.255.255.0 # and this maps 192.168.0.10->192.168.0.40 to 10.0.0.10->10.0.0.40 #alias=192.168.0.10-192.168.0.40,10.0.0.0,255.255.255.0 # Change these lines if you want dnsmasq to serve MX records. # Return an MX record named "maildomain.com" with target # servermachine.com and preference 50 mx-host=mole.mishland,mole.mishland # Set the default target for MX records created using the localmx option. #mx-target=servermachine.com # Return an MX record pointing to the mx-target for all local # machines. #localmx # Return an MX record pointing to itself for all local machines. #selfmx # Change the following lines if you want dnsmasq to serve SRV # records. These are useful if you want to serve ldap requests for # Active Directory and other windows-originated DNS requests. # See RFC 2782. # You may add multiple srv-host lines. # The fields are ,,,, # If the domain part if missing from the name (so that is just has the # service and protocol sections) then the domain given by the domain= # config option is used. (Note that expand-hosts does not need to be # set for this to work.) # A SRV record sending LDAP for the example.com domain to # ldapserver.example.com port 389 #srv-host=_ldap._tcp.example.com,ldapserver.example.com,389 # A SRV record sending LDAP for the example.com domain to # ldapserver.example.com port 389 (using domain=) #domain=example.com #srv-host=_ldap._tcp,ldapserver.example.com,389 # Two SRV records for LDAP, each with different priorities #srv-host=_ldap._tcp.example.com,ldapserver.example.com,389,1 #srv-host=_ldap._tcp.example.com,ldapserver.example.com,389,2 # A SRV record indicating that there is no LDAP server for the domain # example.com #srv-host=_ldap._tcp.example.com # The following line shows how to make dnsmasq serve an arbitrary PTR # record. This is useful for DNS-SD. (Note that the # domain-name expansion done for SRV records _does_not # occur for PTR records.) #ptr-record=_http._tcp.dns-sd-services,"New Employee Page._http._tcp.dns-sd-services" # Change the following lines to enable dnsmasq to serve TXT records. # These are used for things like SPF and zeroconf. (Note that the # domain-name expansion done for SRV records _does_not # occur for TXT records.) #Example SPF. #txt-record=example.com,"v=spf1 a -all" #Example zeroconf #txt-record=_http._tcp.example.com,name=value,paper=A4 # Provide an alias for a "local" DNS name. Note that this _only_ works # for targets which are names from DHCP or /etc/hosts. Give host # "bert" another name, bertrand #cname=bertrand,bert # For debugging purposes, log each DNS query as it passes through # dnsmasq. #log-queries # Log lots of extra information about DHCP transactions. #log-dhcp # Include another lot of configuration options. #conf-file=/etc/dnsmasq.more.conf #conf-dir=/etc/dnsmasq.d # Include all the files in a directory except those ending in .bak #conf-dir=/etc/dnsmasq.d,.bak # Include all files in a directory which end in .conf #conf-dir=/etc/dnsmasq.d/,*.conf # If a DHCP client claims that its name is "wpad", ignore that. # This fixes a security hole. see CERT Vulnerability VU#598349 #dhcp-name-match=set:wpad-ignore,wpad #dhcp-ignore-names=tag:wpad-ignore My "hosts" file: 127.0.0.1 localhost 127.0.1.1 Torial-Server 192.168.0.34 mole.mishland # The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters 192.168.0.34 mole.mishland 192.168.0.34 mole.mishland My resolv.conf file: nameserver 192.168.0.34 nameserver 8.8.8.8

For several days now, after several reboots I still am faced with the issue of my CentOS 7 machine not being able to ping my domain. [root@ip126 ~]# ping sub.mydomain.eu ping: sub.mydomain.eu: Name or service not known How am I able to clear whatever cache is preventing me from connecting to this address?

I have a **Linux Alpine (v3.18.6)** container running on AKS. The curl command inside that container is not able to resolve a private DNS host. Also, nslookup throws **SERVFAIL**. However, when I provide --ipv4 switch, it's able to resolve and connect (please see attached screenshot, note that I have masked the **host** in **green** and corresponding IP address in **blue** as I can't share the actual host URL information for privacy). Below are the OS details along with Nodejs and curl versions: My question is, **why is curl not able to automatically use IPv4 address while connecting?**

Both the nslookup and host commands return IPv4 addresses only. How can i retrieve the IPv6 address of a website using the terminal? (I have googled around, unfortunately I couldn't find anything useful)

##Setup On some networks I'm able to use nslookup to resolve a domain name that is pointed to a private ip address: @work> nslookup my192.ddns.net Server: 10.1.2.3 Address: 10.1.2.3#53 Non-authoritative answer: Name: my192.ddns.net Address: 192.168.20.20 However, on my home network this same query fails: @home> nslookup my192.ddns.net Server: 192.168.0.1 Address: 192.168.0.1#53 Non-authoritative answer: *** Can't find my192.ddns.net: No answer ## What Works I've found that if I change the A record for my192.ddns.net so that it points to a public IP range it will work fine: @home> nslookup my192.ddns.net Server: 192.168.0.1 Address: 192.168.0.1#53 Non-authoritative answer: Name: my192.ddns.net Address: 172.217.12.238 At home, if I specify the DNS server for nslookup, or set my laptop's DNS servers to Google's nslookup works as expected: @home> nslookup my192.ddns.net 8.8.8.8 Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: my192.ddns.net Address: 192.168.20.20 But I'd like to continue to use my home router as my primary DNS so that it can resolve local network names. I'd just like it not to fail when trying to do lookups for DNS records that point to private range addresses (eg: 192.168.20.20) ## Home Network I run [LEDE](https://lede-project.org/) (formerly [OpenWRT](https://openwrt.org/)) on my home router, which run dnsmasq. I've looked over [the documentation for DNS](https://lede-project.org/docs/user-guide/dns_configuration) and have even setup the system so that the DNS server it uses to resolve the address is Google's (8.8.8.8) - but it still fails and I can't seem to figure out why. ##Question What's happening here and how can I fix it?

I've a master bind9 DNS server and 2 slave servers running on IPv4 (Debian Jessie), using /etc/bind/named.conf: listen-on-v6 { none; }; When I try to connect from different server(s) each connection takes at least 5 seconds (I'm using Joseph's timing info for debugging): $ curl -w "@curl-format.txt" -o /dev/null -s https://example.com time_namelookup: 5.512 time_connect: 5.512 time_appconnect: 5.529 time_pretransfer: 5.529 time_redirect: 0.000 time_starttransfer: 5.531 ---------- time_total: 5.531 According to curl, lookup takes most of the time, however standard nslookup is very fast: $ time nslookup example.com > /dev/null 2>&1 real 0m0.018s user 0m0.016s sys 0m0.000s After forcing curl to use IPv4, it gets much better: $ curl -4 -w "@curl-format.txt" -o /dev/null -s https://example.com time_namelookup: 0.004 time_connect: 0.005 time_appconnect: 0.020 time_pretransfer: 0.020 time_redirect: 0.000 time_starttransfer: 0.022 ---------- time_total: 0.022 I've disabled IPv6 on the host: echo 1 > /proc/sys/net/ipv6/conf/eth0/disable_ipv6 though the problem persists. I've tried running strace to see what's the reason of timeouts: write(2, "*", 1*) = 1 write(2, " ", 1 ) = 1 write(2, "Hostname was NOT found in DNS ca"..., 36Hostname was NOT found in DNS cache ) = 36 socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP) = 4 close(4) = 0 mmap(NULL, 8392704, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f220bcf8000 mprotect(0x7f220bcf8000, 4096, PROT_NONE) = 0 clone(child_stack=0x7f220c4f7fb0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7f220c4f89d0, tls=0x7f220c4f8700, child_tidptr=0x7f220c4f89d0) = 2004 rt_sigaction(SIGPIPE, {SIG_IGN, [PIPE], SA_RESTORER|SA_RESTART, 0x7f22102e08d0}, NULL, 8) = 0 rt_sigaction(SIGPIPE, NULL, {SIG_IGN, [PIPE], SA_RESTORER|SA_RESTART, 0x7f22102e08d0}, 8) = 0 rt_sigaction(SIGPIPE, {SIG_IGN, [PIPE], SA_RESTORER|SA_RESTART, 0x7f22102e08d0}, NULL, 8) = 0 rt_sigaction(SIGPIPE, {SIG_IGN, [PIPE], SA_RESTORER|SA_RESTART, 0x7f22102e08d0}, NULL, 8) = 0 poll(0, 0, 4) = 0 (Timeout) rt_sigaction(SIGPIPE, NULL, {SIG_IGN, [PIPE], SA_RESTORER|SA_RESTART, 0x7f22102e08d0}, 8) = 0 rt_sigaction(SIGPIPE, {SIG_IGN, [PIPE], SA_RESTORER|SA_RESTART, 0x7f22102e08d0}, NULL, 8) = 0 rt_sigaction(SIGPIPE, {SIG_IGN, [PIPE], SA_RESTORER|SA_RESTART, 0x7f22102e08d0}, NULL, 8) = 0 poll(0, 0, 8) = 0 (Timeout) rt_sigaction(SIGPIPE, NULL, {SIG_IGN, [PIPE], SA_RESTORER|SA_RESTART, 0x7f22102e08d0}, 8) = 0 rt_sigaction(SIGPIPE, {SIG_IGN, [PIPE], SA_RESTORER|SA_RESTART, 0x7f22102e08d0}, NULL, 8) = 0 rt_sigaction(SIGPIPE, {SIG_IGN, [PIPE], SA_RESTORER|SA_RESTART, 0x7f22102e08d0}, NULL, 8) = 0 poll(0, 0, 16) = 0 (Timeout) rt_sigaction(SIGPIPE, NULL, {SIG_IGN, [PIPE], SA_RESTORER|SA_RESTART, 0x7f22102e08d0}, 8) = 0 rt_sigaction(SIGPIPE, {SIG_IGN, [PIPE], SA_RESTORER|SA_RESTART, 0x7f22102e08d0}, NULL, 8) = 0 rt_sigaction(SIGPIPE, {SIG_IGN, [PIPE], SA_RESTORER|SA_RESTART, 0x7f22102e08d0}, NULL, 8) = 0 poll(0, 0, 32) = 0 (Timeout) rt_sigaction(SIGPIPE, NULL, {SIG_IGN, [PIPE], SA_RESTORER|SA_RESTART, 0x7f22102e08d0}, 8) = 0 rt_sigaction(SIGPIPE, {SIG_IGN, [PIPE], SA_RESTORER|SA_RESTART, 0x7f22102e08d0}, NULL, 8) = 0 rt_sigaction(SIGPIPE, {SIG_IGN, [PIPE], SA_RESTORER|SA_RESTART, 0x7f22102e08d0}, NULL, 8) = 0 poll(0, 0, 64) = 0 (Timeout) It doesn't seem to be a firewall issues as nslookup (or curl -4) is using the same DNS servers. Any idea what could be wrong? Here's tcpdump from the host tcpdump -vvv -s 0 -l -n port 53: tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes 20:14:52.542526 IP (tos 0x0, ttl 64, id 35839, offset 0, flags [DF], proto UDP (17), length 63) 192.168.1.1.59163 > 192.168.1.2.53: [bad udp cksum 0xf9f3 -> 0x96c7!] 39535+ A? example.com. (35) 20:14:52.542540 IP (tos 0x0, ttl 64, id 35840, offset 0, flags [DF], proto UDP (17), length 63) 192.168.1.1.59163 > 192.168.1.2.53: [bad udp cksum 0xf9f3 -> 0x6289!] 45997+ AAAA? example.com. (35) 20:14:52.543281 IP (tos 0x0, ttl 61, id 63674, offset 0, flags [none], proto UDP (17), length 158) 192.168.1.2.53 > 192.168.1.1.59163: [udp sum ok] 45997* q: AAAA? example.com. 1/1/0 example.com. [1h] CNAME s01.example.com. ns: example.com. [10m] SOA ns01.example.com. ns51.domaincontrol.com. 2016062008 28800 7200 1209600 600 (130) 20:14:57.547439 IP (tos 0x0, ttl 64, id 36868, offset 0, flags [DF], proto UDP (17), length 63) 192.168.1.1.59163 > 192.168.1.2.53: [bad udp cksum 0xf9f3 -> 0x96c7!] 39535+ A? example.com. (35) 20:14:57.548188 IP (tos 0x0, ttl 61, id 64567, offset 0, flags [none], proto UDP (17), length 184) 192.168.1.2.53 > 192.168.1.1.59163: [udp sum ok] 39535* q: A? example.com. 2/2/2 example.com. [1h] CNAME s01.example.com., s01.example.com. [1h] A 136.243.154.168 ns: example.com. [30m] NS ns01.example.com., example.com. [30m] NS ns02.example.com. ar: ns01.example.com. [1h] A 136.243.154.168, ns02.example.com. [1h] A 192.168.1.2 (156) 20:14:57.548250 IP (tos 0x0, ttl 64, id 36869, offset 0, flags [DF], proto UDP (17), length 63) 192.168.1.1.59163 > 192.168.1.2.53: [bad udp cksum 0xf9f3 -> 0x6289!] 45997+ AAAA? example.com. (35) 20:14:57.548934 IP (tos 0x0, ttl 61, id 64568, offset 0, flags [none], proto UDP (17), length 158) 192.168.1.2.53 > 192.168.1.1.59163: [udp sum ok] 45997* q: AAAA? example.com. 1/1/0 example.com. [1h] CNAME s01.example.com. ns: example.com. [10m] SOA ns01.example.com. ns51.domaincontrol.com. 2016062008 28800 7200 1209600 600 (130) **EDIT:** In bind logs frequently appears this message: error sending response: host unreachable Though, each query is eventually answered (it just takes 5s). All machines are physical servers (it's not fault of NAT), it's more likely that packets are being blocked by a router. Here's quite likely related question: DNS lookups sometimes take 5 seconds .

nslookup 192.168.56.81 ;; connection timed out; trying next origin ;; connection timed out; no servers could be reached There is setting in hostfile and resolv.conf . Ip is pinging. /etc/sysctl.conf --> data is present. kernel.domainname=domain name kernel.hostname=hostname /etc/sysconfig/network --> hostname file entry is present.

Why do the commands dig and nslookup sometimes print different results? ~$ dig facebook.com ; > DiG 9.9.2-P1 > facebook.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6625 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;facebook.com. IN A ;; ANSWER SECTION: facebook.com. 205 IN A 173.252.110.27 ;; Query time: 291 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Sun Oct 6 17:55:52 2013 ;; MSG SIZE rcvd: 57 ~$ nslookup facebook.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: facebook.com Address: 10.10.34.34

In our office network if I run nslookup dl.min.io I get a response with both the address and an error:

Server:		
Address:	#53

Non-authoritative answer:
Name:	dl.min.io
Address: 178.128.69.202
Name:	dl.min.io
Address: 138.68.11.125
** server can't find dl.min.io: SERVFAIL

There is no such error for other domain names. There is no such error with other DNS servers, like Google's. I do not control the DNS server, and I think it is a Win2003 server. What might be the cause of such behavior? How can I debug it further?

I have an embedded system with two ethernet ports. These two ports are connected to two different ethernet ports on a linux box. The linux box has another third port which is connected to the WAN. The setup looks like below _________________ eth0 ---- USB2ETH adapter-------(ethusb0)------------------| | (IP: 192.168.2.50) (IP: 192.168.2.1) | Linux | (Netmask: 255.255.255.0) (Netmask: 255.255.255.0) | Box |-------ethext0----WAN | | eth1----USB2ETH adapter--------(ethusb1)-------------------|_________________| (IP: 192.168.3.50) (IP: 192.168.3.1) (Netmask: 255.255.255.0) (Netmask: 255.255.255.0) Both the interfaces are in different domain but same netmask as shown above ethusb0 and ethusb1 run dhcp servers. I have updated the /etc/dhcp/dhcpd.conf accordingly and eth0 and eth1 get IP addresses assigned. On the linux box, I have setup iptables to accept and forward packets from ethusb0 to ethext0 sudo iptables --policy FORWARD ACCEPT sudo iptables -A FORWARD -i ethusb0 -o ethext0 -j ACCEPT sudo iptables -A FORWARD -i ethext0 -o ethusb0 -m state --state ESTABLISHED,RELATED -j ACCEPT sudo iptables -t nat -A POSTROUTING -o ethext0 -j MASQUERADE Similar iptables is setup for ethusb1 as well. On the linux box, I have also updated the /etc/network/interfaces for the ethusb0 and ethusb1 by adding the dns-nameservers. Lets say the server address is 192.0.3.3 Now, from the embedded system, from both the ports I'm able to ping the dns server. When I do a nslookup of the server name, it succeeds most of the time. I monitored the ethusb0 and ethext0 wireshark and I can see the nslookup request and replies. Requests are received on ethusb0 and then forwarded to ethext0 and replies from ethext0 to ethusb0. I also double confirmed by checking the forward stats counter in iptables for these interfaces. Problem: Now coming to the issue that occurs frequently. There are certain times when the nslookup fails. The query packets are received on ethusb0 but not forwarded to ethext0. Confirmed this by monitoring wireshark and also iptables stats. But the next nslookup query works succeeds. I investigated further and found an abnormality in nslookup query frames originating from the embedded system side. The frames sent out on say eth0, had MAC address of eth0 but the IP address of eth1. Its only for these kind of frames, that forwarding rule breaks. Firstly, I do not know or understand, why the query packets would contain mismatched MAC and IP address. Usually the same interface is chosen to transmit/receive packets. Its only when I bring down and up the interface(ex. eth0), then the other interface is chosen. Secondly, I'm not quite sure as to why the packets do not get forwarded. My suspicion is that there is some sort of MAC vs IP address check, being done which makes the linux machine to drop those packets. But iptables does not report any drop packets count. I checked posts such as https://unix.stackexchange.com/questions/58395/make-nslookup-use-specific-interface but it did not help. Things tried so far, 1. Different sub net masks, but still issue is seen 2. But if the interfaces are in same domain, 192.168.2.x and 192.168.2.y, the issue does not occur. Could somebody please let me know, if any additional rules have to added to iptables or should the interfaces on the embedded system side be configured in a different way?

Here's what my nslookup is doing:

ubuntu@ca:~$ time nslookup focal-250
Server:		127.0.0.53
Address:	127.0.0.53#53

Non-authoritative answer:
Name:	focal-250.test
Address: 128.8.8.187
;; connection timed out; no servers could be reached



real	0m15.024s
user	0m0.005s
sys  	0m0.018s

The first six lines (i.e, the correct response) printed instantly, then it waited 15 seconds to "time out". Something like ping does the same thing: stalls for 15 seconds, then starts working. It's an Ubuntu 20.04 LTS system running systemd-resolved. The only thing weird about it is that it has dnsmasq listening for name service on one of its interfaces, and that interface's address is configured as its own nameserver:

ubuntu@ca:~$ resolvectl 
Global
       LLMNR setting: no                  
MulticastDNS setting: no                  
  DNSOverTLS setting: no                  
      DNSSEC setting: no                  
    DNSSEC supported: no                  
          DNSSEC NTA: 10.in-addr.arpa     
                      16.172.in-addr.arpa 
                      168.192.in-addr.arpa
                      17.172.in-addr.arpa 
                      18.172.in-addr.arpa 
                      19.172.in-addr.arpa 
                      20.172.in-addr.arpa 
                      21.172.in-addr.arpa 
                      22.172.in-addr.arpa 
                      23.172.in-addr.arpa 
                      24.172.in-addr.arpa 
                      25.172.in-addr.arpa 
                      26.172.in-addr.arpa 
                      27.172.in-addr.arpa 
                      28.172.in-addr.arpa 
                      29.172.in-addr.arpa 
                      30.172.in-addr.arpa 
                      31.172.in-addr.arpa 
                      corp                
                      d.f.ip6.arpa        
                      home                
                      internal            
                      intranet            
                      lan                 
                      local               
                      private             
                      test                

Link 3 (ens5)
      Current Scopes: DNS        
DefaultRoute setting: yes        
       LLMNR setting: yes        
MulticastDNS setting: no         
  DNSOverTLS setting: no         
      DNSSEC setting: no         
    DNSSEC supported: no         
  Current DNS Server: 128.8.8.254
         DNS Servers: 128.8.8.254
          DNS Domain: test       

Link 2 (ens4)
      Current Scopes: DNS         
DefaultRoute setting: yes         
       LLMNR setting: yes         
MulticastDNS setting: no          
  DNSOverTLS setting: no          
      DNSSEC setting: no          
    DNSSEC supported: no          
  Current DNS Server: 192.168.1.1 
         DNS Servers: 192.168.1.1 
          DNS Domain: freesoft.org

ubuntu@ca:~$ ip -br addr
lo               UNKNOWN        127.0.0.1/8 ::1/128 
ens4             UP             192.168.4.183/24 fe80::e2c:d2ff:fe67:0/64 
ens5             UP             128.8.8.254/24 fe80::e2c:d2ff:fe67:1/64

ubuntu@ca:~$ tail -5 /etc/dnsmasq.conf 
listen-address=128.8.8.254
bind-interfaces
dhcp-range=128.8.8.101,128.8.8.200,12h
dhcp-authoritative
domain=test

ubuntu@ca:~$ tail -4 /etc/resolv.conf 

nameserver 127.0.0.53
options edns0 trust-ad
search test freesoft.org

It's doing what I want, which is to answer queries for the ".test" domain, but I don't understand why it stalls for 15 seconds after getting the answer.

My nslookup nslookup richardrublev.xyz Server: 127.0.0.53 Address: 127.0.0.53#53 Non-authoritative answer: *** Can't find richardrublev.xyz: No answer On Advanced DNS,I set the CNAME I checked 3 times external IP. How to inspect this?

How is this possible: % nslookup heartbeat Server: 192.168.10.1 Address: 192.168.10.1#53 Name: heartbeat.mydomain.local.lan Address: 192.168.33.6 % ping heartbeat.mydomain.local.lan ping: cannot resolve heartbeat.mydomain.local.lan: Unknown host % ping heartbeat ping: cannot resolve heartbeat: Unknown host Doesn't ping use the same source as nslookup? *** Note, that pinging internet sites work % ping www.google.com PING www.google.com (172.217.21.164): 56 data bytes 64 bytes from 172.217.21.164: icmp_seq=0 ttl=119 time=24.846 ms so don't suggest that name resolution for ping is just broken

I would like to know all changes of domain names / metadata linked to a given (wide) range of IPs. For now, I execute a batch of scripts that extract regularly the domain name / metadata behind each IP inside a given range through dig commands. Instead of a such batch / 'query', is there a way to 'listen' all new changes (among a range of IPs at least) instead? Notably an event stream endpoint or command? A bit like the following Wikimedia's endpoint that notify from all new changes: https://stream.wikimedia.org/v2/stream/recentchange Thanks in advance for your help.

On Ubuntu 16.04 REVERSE lookups to a local DNS/DHCP bind9 server on the local network are SUCCESSFUL, while on the other hand, on Ubuntu 18.04 (and higher) the REVERSE lookups FAIL. All systems are using systemd-resolved, as shown below. Any thoughts on how to get reverse lookups WORKING on 18.04+ ? ubuntu@u1604dv1:~$ ls -l /etc/resolv.conf lrwxrwxrwx 1 root root 27 May 3 19:22 /etc/resolv.conf -> /run/resolvconf/resolv.conf ubuntu@u1604dv1:~$ cat /etc/resolv.conf nameserver 127.0.1.1 search attlocal.net urdomain1.com urdomain2.com gns1.urdomain1.com ubuntu@u1604dv1:~$ cat /etc/systemd/resolved.conf [Resolve] DNS=10.209.53.2 172.29.108.2 #FallbackDNS= Domains=urdomain1.com urdomain2.com gns1.urdomain1.com #LLMNR=yes #MulticastDNS=yes #DNSSEC=no #Cache=yes #DNSStubListener=udp ubuntu@u1604dv1:~$ ubuntu@u1604dv1:~$ nslookup ora73c10 Server: 127.0.1.1 Address: 127.0.1.1#53 Name: ora73c10.urdomain1.com Address: 10.209.53.10 ubuntu@u1604dv1:~$ nslookup 10.209.53.10 Server: 127.0.1.1 Address: 127.0.1.1#53 10.53.209.10.in-addr.arpa name = ora73c10.urdomain1.com. ubuntu@u1604dv1:~$ sudo service systemd-resolved status [sudo] password for ubuntu: ● systemd-resolved.service - Network Name Resolution Loaded: loaded (/lib/systemd/system/systemd-resolved.service; enabled; vendor preset: enabled) Drop-In: /lib/systemd/system/systemd-resolved.service.d └─resolvconf.conf Active: active (running) since Sun 2020-05-03 19:22:39 CDT; 1h 14min ago Docs: man:systemd-resolved.service(8) Main PID: 1873 (systemd-resolve) Status: "Processing requests..." Tasks: 1 Memory: 616.0K CPU: 20ms CGroup: /system.slice/systemd-resolved.service └─1873 /lib/systemd/systemd-resolved May 03 19:22:39 u1604dv1 systemd: Stopped Network Name Resolution. May 03 19:22:39 u1604dv1 systemd: Starting Network Name Resolution... May 03 19:22:39 u1604dv1 systemd-resolved: Positive Trust Anchors: May 03 19:22:39 u1604dv1 systemd-resolved: . IN DS 19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5 May 03 19:22:39 u1604dv1 systemd-resolved: Negative trust anchors: 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in May 03 19:22:39 u1604dv1 systemd-resolved: Using system hostname 'u1604dv1'. May 03 19:22:39 u1604dv1 systemd: Started Network Name Resolution. ubuntu@u1604dv1:~$ dig ora73c10.urdomain1.com ; > DiG 9.10.3-P4-Ubuntu > ora73c10.urdomain1.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER /run/systemd/resolve/stub-resolv.conf ubuntu@u1804dv1:~$ cat /etc/resolv.conf nameserver 127.0.0.53 options edns0 search urdomain1.com urdomain2.com gns1.urdomain1.com attlocal.net ubuntu@u1804dv1:~$ cat /etc/systemd/resolved.conf [Resolve] DNS=10.209.53.2 172.29.108.2 #FallbackDNS= Domains=urdomain1.com urdomain2.com gns1.urdomain1.com #LLMNR=yes #MulticastDNS=yes #DNSSEC=no #Cache=yes #DNSStubListener=udp ubuntu@u1804dv1:~$ ls -l /etc/resolv.conf lrwxrwxrwx 1 root root 37 May 3 20:28 /etc/resolv.conf -> /run/systemd/resolve/stub-resolv.conf ubuntu@u1804dv1:~$ nslookup 10.209.53.10 ** server can't find 10.53.209.10.in-addr.arpa: NXDOMAIN ubuntu@u1804dv1:~$ sudo service systemd-resolved status [sudo] password for ubuntu: ● systemd-resolved.service - Network Name Resolution Loaded: loaded (/lib/systemd/system/systemd-resolved.service; enabled; vendor preset: enabled) Active: active (running) since Sun 2020-05-03 20:28:33 CDT; 8min ago Docs: man:systemd-resolved.service(8) https://www.freedesktop.org/wiki/Software/systemd/resolved https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients Main PID: 2735 (systemd-resolve) Status: "Processing requests..." Tasks: 1 (limit: 4664) CGroup: /system.slice/systemd-resolved.service └─2735 /lib/systemd/systemd-resolved May 03 20:28:33 u1804dv1 systemd: Stopped Network Name Resolution. May 03 20:28:33 u1804dv1 systemd: Starting Network Name Resolution... May 03 20:28:33 u1804dv1 systemd-resolved: Positive Trust Anchors: May 03 20:28:33 u1804dv1 systemd-resolved: . IN DS 19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5 May 03 20:28:33 u1804dv1 systemd-resolved: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d May 03 20:28:33 u1804dv1 systemd-resolved: Negative trust anchors: 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in May 03 20:28:33 u1804dv1 systemd-resolved: Using system hostname 'u1804dv1'. May 03 20:28:33 u1804dv1 systemd: Started Network Name Resolution. May 03 20:28:54 u1804dv1 systemd-resolved: Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP. May 03 20:36:04 u1804dv1 systemd-resolved: Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP. ubuntu@u1804dv1:~$ dig ora73c10.urdomain1.com ; > DiG 9.11.3-1ubuntu1.11-Ubuntu > ora73c10.urdomain1.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19276 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 65494 ;; QUESTION SECTION: ;ora73c10.urdomain1.com. IN A ;; ANSWER SECTION: ora73c10.urdomain1.com. 3054 IN A 10.209.53.10 ;; Query time: 0 msec ;; SERVER: 127.0.0.53#53(127.0.0.53) ;; WHEN: Sun May 03 20:37:49 CDT 2020 ;; MSG SIZE rcvd: 67 ubuntu@u1804dv1:~$ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

I cannot nslookup github: nslookup github 8.8.8.8 ;; connection timed out; no servers could be reached nslookup github.com ;; connection timed out; no servers could be reached nb: default ns server = gw = router 4g = 192.168.0.1 (a cache dns server I guess). I am on a 192.168.0.0/24, my ip = 192.168.0.130, bcast = 192.168.0.255, ip given by router via dhcp. my nslookup seems to be working: nslookup google.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: google.com Address: 142.250.187.206 Name: google.com Address: 2a00:1450:4009:81f::200e I can tlslookup github.com tlslookup github.com 140.82.113.4 nb: I dont know why resolution works with this tool and not with nslookup. I tried to grab infos regarding tlslookup over google but nothing. I check with dig (just in case my nslookup does not work fine). Unfortunately the pb remains with this tool. dig github.com ; > DiG 9.16.27-Debian > github.com ;; global options: +cmd ;; connection timed out; no servers could be reached dig @8.8.8.8 github.com ; > DiG 9.16.27-Debian > @8.8.8.8 github.com ; (1 server found) ;; global options: +cmd ;; connection timed out; no servers could be reached Obviously all commands relying on name resolution wont work, but for the sake of the post, I tried some of them: ping $(tlslookup github.com) PING 140.82.114.3 (140.82.114.3) 56(84) bytes of data. 64 bytes from 140.82.114.3: icmp_seq=1 ttl=50 time=259 ms 64 bytes from 140.82.114.3: icmp_seq=2 ttl=50 time=317 ms 64 bytes from 140.82.114.3: icmp_seq=3 ttl=50 time=238 ms ^C --- 140.82.114.3 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2002ms rtt min/avg/max/mdev = 237.514/271.189/316.968/33.546 ms but ping github.com ping: github.com: Temporary failure in name resolution openssl s_client -connect github.com:443 140311527400768:error:2008F002:BIO routines:BIO_lookup_ex:system lib:../crypto/bio/b_addr.c:730:Temporary failure in name resolution connect:errno=11 wget github.com --2022-04-28 09:52:02-- http://github.com/ Resolving github.com (github.com)... failed: Temporary failure in name resolution. wget: unable to resolve host address ‘github.com’ I tried to wget website ip address: wget 140.82.113.3 --2022-04-28 10:01:13-- http://140.82.113.3/ Connecting to 140.82.113.3:80... connected. HTTP request sent, awaiting response... 301 Moved Permanently Location: https://140.82.113.3/ [following] --2022-04-28 10:01:13-- https://140.82.113.3/ Connecting to 140.82.113.3:443... connected. The certificate's owner does not match hostname ‘140.82.113.3’ if I browse the ip address, I have got a warning message saying the cert is wrong, if I try to pass it over (accept risk), there is no way to access website. nothing blocking in my hosts file: cat /etc/hosts 127.0.0.1 localhost 127.0.1.1 zavata.circus.net zavata # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback ff02::1 ip6-allnodes ff02::2 ip6-allrouters Everything look fine in my routing table (192.168.0.1 beeing my default gw, a 4g router) route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.0.1 0.0.0.0 UG 600 0 0 wlp1s0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlp1s0 192.168.0.0 0.0.0.0 255.255.255.0 U 600 0 0 wlp1s0 Many thanx folks !!

I know that dig queries the DNS server in the /etc/resolv.conf but I read that the difference between dig and nslookup is that dig uses OS resolver libraries. But what are the OS resolver libraries?

I try to use name resolution and get IP address of a web site. I used **nslookup** command and use 6'th line of its output. Because I noticed that output of nslookup contains IP address(in IPv4) in 6'th line. My command was :

website=
IP=$(nslookup "$website" | head -n 6 | tail -n 1 | cut -d" " -f2)

Also I tried sed command to reach the same goal and used :

website=
IP=$(nslookup "$website" | sed -n 6p | cut -d" " -f2)

result was the same, result is unreliable, sometimes worked, sometimes not. It works correctly but not always. Sometimes it reads the 7'th line, not the 6'th line and fails. Actually I solved my problem using another approach :

website=
newIP=$(nslookup "$website" | grep "Address: " | head -n 1 | cut -d" " -f2)

which gave the correct line and IP address everytime(although it can give more than one IP > nslookup can return more than one IP ) Why do the first two codes fail?

I am trying to figure out why doing a SRV record search on Ubuntu will not work without specifically including the FQDN on the end of the address. I have the domain name listed in my resolv.conf within the search parameter. The search works on Windows using nslookup without appending the FQDN though. I've been unable to find anything on the various forums. The query just returns NXDOMAIN unless I put the FQDN.