resolver's behavior
Kirk Bradel
kirkb at dogsplace.net
Fri Apr 21 00:59:49 UTC 2006
Barry Margolin wrote:
> In article <e2964j$2u9e$1 at sf1.isc.org>,
> Kevin Darcy <kcd at daimlerchrysler.com> wrote:
>
>> Frank Y.F. Luo wrote:
>>
>>> I am a little confused about a resolver's behavior, like ping command,
>>> nslookup command,
>>>
>>> I am querying against a DNS server with recursive turned off
>>>
>>> #dig www.slashdot.com
>>>
>>> ; <<>> DiG 9.2.4 <<>> www.slashdot.com
>>> ;; global options: printcmd
>>> ;; Got answer:
>>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1794
>>> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 0
> ....
>> Command-line tools like "ping" typically use the "system" resolver,
>> which is usually configurable (via a system config file like
>> /etc/nsswitch.conf or the like) and may or may not even include DNS as
>> one of its sources of name information. If the system resolver does look
>> at DNS at all, it'll do so by generating recursive rather than
>> non-recursive queries. So for a valid comparison to what "ping" is
>> seeing, you should do recursive rather than non-recursive queries.
>
> He did. Don't you see "rd" (Recursion Desired) in the "flags:" field?
> It's the server that has recursion disabled (hence the missing "ra"
> flag), not the client.
>
I just duplicated the OP results. Using a Windows resolver with a
c:\windows\system32\drivers\etc\resolv.conf pointing at an authoritative
only name server, I get the same results (as expected). Which is
exactly what Kevin was trying to explain. "Dig" used the resolv.conf
and "ping" used the system configured recursive name server.
C:\WINDOWS\system32\drivers\etc>dig www.slashdot.net
; <<>> DiG 9.3.2 <<>> www.slashdot.net
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1192
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 0
;; QUESTION SECTION:
;www.slashdot.net. IN A
;; AUTHORITY SECTION:
.. 3600000 IN NS A.ROOT-SERVERS.net.
.. 3600000 IN NS B.ROOT-SERVERS.net.
.. 3600000 IN NS C.ROOT-SERVERS.net.
.. 3600000 IN NS D.ROOT-SERVERS.net.
.. 3600000 IN NS E.ROOT-SERVERS.net.
.. 3600000 IN NS F.ROOT-SERVERS.net.
.. 3600000 IN NS G.ROOT-SERVERS.net.
.. 3600000 IN NS H.ROOT-SERVERS.net.
.. 3600000 IN NS I.ROOT-SERVERS.net.
.. 3600000 IN NS J.ROOT-SERVERS.net.
.. 3600000 IN NS K.ROOT-SERVERS.net.
.. 3600000 IN NS L.ROOT-SERVERS.net.
.. 3600000 IN NS M.ROOT-SERVERS.net.
;; Query time: 46 msec
;; SERVER: 66.218.71.63#53(66.218.71.63)
;; WHEN: Thu Apr 20 19:55:21 2006
;; MSG SIZE rcvd: 242
C:\WINDOWS\system32\drivers\etc>ping www.slashdot.net
Pinging www.slashdot.net [208.254.3.166] with 32 bytes of data:
More information about the bind-users
mailing list