about recursion and NS RR
Chris De Young
chd at arizona.edu
Wed Jan 4 22:03:39 UTC 2006
Diego Woitasen wrote:
> The escenario is:
> i have one master DNS server for mil.ar zone, with the following
> entries:
>
> ns1.ara IN A 200.80.200.12
> ara IN NS ns1.ara.mil.ar.
> IN NS dibas15.diba.org.ar.
>
> and "recursion no" in named.conf.
>
> When i try to do a query with host from other machine i get an error. If
> a change to "recursion yes" works.
It sounds like when you have recursion disabled, your client is (correctly)
getting a referral back instead of the answer. If the client is a Windows box
or other typical dumb resolver, it probably doesn't know what to do with a
referral (many/most don't). When you turn recursion on, Bind goes and gets the
answer for you instead of asking you to do it.
> Why bind provide an error if it have the information requested? The NS
> record are in the server. Bind doesn't not considers itself as
> authoritive of NS records of delegated domains?
A delegation is essentially an "end of authority." The authority is over
there, not here, so to speak, so no - Bind doesn't consider itself
authoritative for the data in the delegated zone, because it's not.
> And other question, what is the diferrence between Anwer, Authoritative
> and Additional RR in replys?
Answer is, well, the answer. Authoritative is a flag indicating whether the
answer came from an authoritative source (as opposed to someone's cache, for
example). The additional section contains other RRs that you didn't ask for
but that might be helpful.
-Chris
More information about the bind-users
mailing list