Bind-9 strangeness ?
Barry Margolin
barry.margolin at level3.com
Thu Aug 14 21:23:57 UTC 2003
In article <bhgu3u$28up$1 at sf1.isc.org>, <phn at icke-reklam.ipsec.nu> wrote:
>Asking for something non-existing
>> dig folkuniversitetet.se. txt
>
>; <<>> DiG 9.2.2 <<>> folkuniversitetet.se. txt
>;; global options: printcmd
>;; Got answer:
>;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24954
>;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
>
>;; QUESTION SECTION:
>;folkuniversitetet.se. IN TXT
>
>;; AUTHORITY SECTION:
>folkuniversitetet.se. 10800 IN SOA fuggns1.fu-v.com.
>dns.fu-v.com. 2003081303 10800 3600 604800 21600
>
>;; Query time: 29 msec
>;; SERVER: 127.0.0.1#53(127.0.0.1)
>;; WHEN: Thu Aug 14 21:29:00 2003
>;; MSG SIZE rcvd: 94
>
>Note that dig output says nothing strange here. But a
Yes, it *is* strange. It's returning an NXDOMAIN status, which means that
the name doesn't exist at all. It should return a NOERROR status, with an
empty ANSWER SECTION, to indicate that the name exists but has no records
of the requested type.
>question about
>> dig folkuniversitetet.se. ns
>
>; <<>> DiG 9.2.2 <<>> folkuniversitetet.se. ns
>;; global options: printcmd
>;; Got answer:
>;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14954
>;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
>
>;; QUESTION SECTION:
>;folkuniversitetet.se. IN NS
>
>;; AUTHORITY SECTION:
>folkuniversitetet.se. 8719 IN SOA fuggns1.fu-v.com.
>dns.fu-v.com. 2003081303 10800 3600 604800 21600
>
>returns no information. Dumping database at this time
>reveals :
>dumpdb ger :
>; authauthority
>folkuniversitetet.se. 9908 \-ANY ;-$
>; additional
>fc.folkuniversitetet.se. 82997 A 212.247.178.101
>; authanswer
>www.folkuniversitetet.se. 82900 A 212.247.178.100
This is normal negative caching. An authoritative server said that the
name doesn't exist, so a negative cache entry was created for it.
Of course, there's a strange inconsistency here: it says that the name
doesn't exist, but then put an SOA record for the very same name in the
AUTHORITY SECTION.
>Now, is this a bug in bind-9 ? Or is this the "correct behaviour" ?
I think it's a bug in fuggns1.fu-v.com's DNS software. BIND 8 and 9 happen
to react to it a little differently, that's all. But the old saying
applies: Garbage In, Garbage Out.
--
Barry Margolin, barry.margolin at level3.com
Level(3), Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
More information about the bind-users
mailing list