dig results
Kevin Darcy
kcd at daimlerchrysler.com
Fri Sep 14 22:23:09 UTC 2001
RJHM van den Bergh wrote:
> Hi,
>
> I did some dig query to look up a problem and got a reply that looks a
> little strange to me.
> It made me curious so here is the query
>
> [root at jads /root]# dig www.chaletboisrond.tc.ca
>
> ; <<>> DiG 9.1.0 <<>> www.chaletboisrond.tc.ca
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19065
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;www.chaletboisrond.tc.ca. IN A
>
> ;; AUTHORITY SECTION:
> tc.ca. 7367 IN SOA ns.freenet.victoria.bc.ca.
> dns.freenet.victoria.bc.ca. 2001013003 20000 10000 604800 86400
>
> ;; Query time: 7 msec
> ;; SERVER: 10.255.255.254#53(10.255.255.254)
> ;; WHEN: Fri Sep 14 20:40:55 2001
> ;; MSG SIZE rcvd: 105
>
> I see no slave dns server which seems wierd to me.
> Also the authorative section replies with two dns server.
> Two master dns servers ??
>
> What does that line mean ?
For normal DNS responses, you're probably used to seeing NS records for all
of the authoritative servers for the zone listed in the Authority Section.
But, when the name you query doesn't exist (an NXDOMAIN response), the server
sends back an SOA record in the Authority Section, which has a different
format than an NS record. Are you not familiar with SOA records? You need to
configure one of them in every zone you host, so if you've worked with DNS a
while you should have recognized it.
If you're curious, you could read RFC 2308 to see *why* an SOA record is
returned in NXDOMAIN responses.
- Kevin
More information about the bind-users
mailing list