ignoring incorrect nameservers in authority section
Stacey Jonathan Marshall - Solaris Software
stacey.marshall at oracle.com
Thu Dec 30 11:32:34 UTC 2010
On 12/30/10 10:45, Torinthiel wrote:
> Dnia 2010-12-30 18:03 pyh at mail.nsbeta.info napisał(a):
>
>> Sunil Shetye writes:
>>
>>> Case 2: Lame Server Reply
>>>
>>> ===================================================================
>>> $ dig +norecurse @a.iana-servers.net. example.org.
>>> ;; flags: qr ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
>>>
>>> ;; QUESTION SECTION:
>>> ;example.org. IN A
>>>
>>> ;; ANSWER SECTION:
>>> example.org. 172800 IN A 192.0.32.10
>>>
>>> ;; AUTHORITY SECTION:
>>> example.org. 172800 IN NS ns1.example.org.
>>> example.org. 172800 IN NS ns2.example.org.
>>> ===================================================================
>>>
>>> This is a lame server reply. bind ignores this reply. bind will give a
>>> server fail reply to the client.
>>>
>>
>> Would you please tell me why this is a lame server reply? why bind will
>> give a server fail reply to the client? Thanks again a lot.
> Because it's contrary to itself.
> You've specified norecurse, which means that if nameserver believes it has
> authorative data it should return it, if it doesn't it should return a
> referral (and no answer beside it).
No, the +norecurse asks the server to provide any answer it has, and not to go
looking for it if it does not have an answer. So from the response above the
server has already cached an answer. Note too that the 'aa' (authoritative
answer) flag is not set. Which is interesting as the same query for me gets:
$ dig +norecurse @a.iana-servers.net. example.org.
;<<>> DiG 9.3.6-P1<<>> +norecurse @a.iana-servers.net. example.org.
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 811
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; QUESTION SECTION:
;example.org. IN A
;; ANSWER SECTION:
example.org. 172800 IN A 192.0.32.10
;; AUTHORITY SECTION:
example.org. 172800 IN NS a.iana-servers.net.
example.org. 172800 IN NS b.iana-servers.net.
;; Query time: 144 msec
;; SERVER: 192.0.34.43#53(192.0.34.43)
;; WHEN: Thu Dec 30 11:29:24 2010
;; MSG SIZE rcvd: 104
--
--Stacey
More information about the bind-users
mailing list