Hi Hugo,
On Wed, Nov 20, 2024 at 05:44:18PM +0000, Hugo Mills via BitFolk Users wrote:
> I'm probably doing this wrong, but:
Your problem is indicated…
> $ ./ptrcheck --server 85.119.80.222:53 --zone carfax.org.uk
> Error:
> 0: AXFR returned no answers: DnsResponse { message: Message { header: Header { id:
> 47788, message_type: Response, op_code: Query, authoritative: false, truncation: false,
> recursion_desired: true, recursion_available: false, authentic_data: false,
> checking_disabled: false, response_code: Refused, query_count: 1, answer_count: 0,
> name_server_count: 0, additional_count: 1 }, queries: [Query { name:
> Name("carfax.org.uk."), query_type: AXFR, query_class: IN }], answers: [],
> name_servers: [], additionals: [], signature: [], edns: Some(Edns { rcode_high: 0,
> version: 0, dnssec_ok: false, max_payload: 1232, options: OPT { options: {} } }) },
> buffer: [186, 172, 129, 5, 0, 1, 0, 0, 0, 0, 0, 1, 6, 99, 97, 114, 102, 97, 120, 3, 111,
> 114, 103, 2, 117, 107, 0, 0, 252, 0, 1, 0, 0, 41, 4, 208, 0, 0, 0, 0, 0, 0] }
DnsResponse {
    message: Message {
        header: Header {
            id: 47788,
            message_type: Response,
            op_code: Query,
            authoritative: false,
            truncation: false,
            recursion_desired: true,
            recursion_available: false,
            authentic_data: false,
            checking_disabled: false,
            response_code: Refused, # <----- HERE
            query_count: 1,
            answer_count: 0,
            name_server_count: 0,
            additional_count: 1
        },
        queries: [
            Query {
                name: Name("carfax.org.uk."),
                query_type: AXFR,
                query_class: IN
            }
        ],
        answers: [],
        name_servers: [],
        additionals: [],
        signature: [],
        edns: Some(Edns {
            rcode_high: 0,
            version: 0,
            dnssec_ok: false,
            max_payload: 1232,
            options: OPT {
                options: {}
            }
        })
    },
    buffer: [
        186, 172, 129, 5, 0, 1, 0, 0, 0, 0, 0, 1, 6, 99, 97, 114, 102, 97,
        120, 3, 111, 114, 103, 2, 117, 107, 0, 0, 252, 0, 1, 0, 0, 41, 4,
        208, 0, 0, 0, 0, 0, 0
    ]
}
The tool necessarily has to do an AXFR to get all of the address records
in the zone. There's no other way besides having the zone file on disk
(I intend to add support for that). So, you are not permitted to do an
AXFR.
You would get exactly the same response doing this:
$ dig -t axfr carfax.org.uk @85.119.80.222
> What should I be doing here?
I suggest doing it against your own name server which you can configure
to allow you to do an AXFR from wherever you like, or just localhost.
This is going to be such a common error condition that I should detect
it and print a nice message, not just a debug of the full DNS response.
Thanks,
Andy
--
https://bitfolk.com/ -- No-nonsense VPS hosting
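
Added example (not part of the message above and not ptrcheck's own code): a std-only Rust decode of the `buffer:` bytes quoted in the error, showing how the REFUSED response code can be picked out of the raw reply and reported as a short message instead of a full debug dump. The function names be16, question and diagnose_axfr are hypothetical; the byte array is copied from the quoted output.

```rust
// Constructed input: the 42 `buffer:` bytes from the debug output quoted above.
const REFUSED_AXFR: [u8; 42] = [
    186, 172, 129, 5, 0, 1, 0, 0, 0, 0, 0, 1, 6, 99, 97, 114, 102, 97,
    120, 3, 111, 114, 103, 2, 117, 107, 0, 0, 252, 0, 1, 0, 0, 41, 4,
    208, 0, 0, 0, 0, 0, 0,
];

/// Big-endian u16 at `off`, or None if the message is too short.
fn be16(b: &[u8], off: usize) -> Option<u16> {
    Some(u16::from_be_bytes([*b.get(off)?, *b.get(off + 1)?]))
}

/// First question as (name, qtype). A compression pointer (length > 63)
/// is not expected in a question and is treated as malformed.
fn question(b: &[u8]) -> Option<(String, u16)> {
    let (mut off, mut name) = (12usize, String::new());
    loop {
        let len = *b.get(off)? as usize;
        off += 1;
        if len == 0 { break; }
        if len > 63 { return None; }
        name.push_str(&String::from_utf8_lossy(b.get(off..off + len)?));
        name.push('.');
        off += len;
    }
    Some((name, be16(b, off)?))
}

/// Hypothetical helper: one-line diagnosis of the reply to an AXFR query.
fn diagnose_axfr(b: &[u8]) -> Result<String, String> {
    let flags = be16(b, 2).ok_or("short header")?;
    let answers = be16(b, 6).ok_or("short header")?;
    if flags & 0x8000 == 0 { return Err("QR bit clear: not a response".into()); }
    let (zone, qtype) = question(b).ok_or("malformed question")?;
    if qtype != 252 { return Err(format!("qtype {} is not AXFR", qtype)); }
    Ok(match (flags & 0x000f, answers) { // low 4 bits of the flags are the RCODE
        (5, _) => format!("{}: AXFR refused (RCODE 5); the server does not permit zone transfers to this client", zone),
        (0, 0) => format!("{}: NOERROR but no records returned", zone),
        (0, n) => format!("{}: transfer started, {} record(s) in first message", zone, n),
        (rc, _) => format!("{}: transfer failed with RCODE {}", zone, rc),
    })
}

fn main() {
    println!("{:?}", diagnose_axfr(&REFUSED_AXFR));
}
```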