Confused server?

Kevin Darcy kcd at daimlerchrysler.com
Tue Aug 1 23:11:46 UTC 2000 

You are misreading nslookup's output. "Authoritative answers can be found
from" is just nslookup's best *guess* as to what servers would give
authoritative answers for the zone; certainly nslookup has not gone through
and verified that each one is in fact answering authoritatively for it --
that would be a lot of work for little gain. So it is quite common for a
non-authoritatively-answering server -- a so-called "lame" server -- to
appear in this section of the output. Technically, the "Authoritative
answers can be found from" section of nslookup's output is just a rendering
of the "Authority" section of the DNS response.

The more important piece of information in that output is "Non-authoritative
answer". Technically, this means the "AA" (Authoritative Answer) flag was
not set in the response packet. If this response came from a server which
has defined the zone as a "master" zone, then it means the server didn't
load the zone properly. Look in your logs for the cause, most likely some
sort of syntax error.

Note that "dig" is generally considered to be a better DNS troubleshooting
tool than "nslookup". It clearly delineates between sections of a response,
for example, instead of misleading people with mushy "Authoritative answers
can be found from" types of verbiage. It also clearly shows the flags
associated with DNS queries and responses, including the presence or absence
of the AA flag.


- Kevin

Jason Williams wrote:

> I believe i have a confused server..     For some reason (probably
> misconfiguration)  my master DNS for my domain is set to both a
> authoritive, and non-authoritive server.  because of this i can't get the
> slave DNS to replicate the zone.
>
> here is what nslookup gives me.
>
> nslookup -query=any fubaria.net
> Server:  localhost
> Address:  127.0.0.1
>
> Non-authoritative answer:
> fubaria.net     nameserver = NS.fubaria.net
> fubaria.net     nameserver = NS2.fubaria.net
> fubaria.net     internet address = 208.37.196.64
>
> Authoritative answers can be found from:
> fubaria.net     nameserver = NS.fubaria.net
> fubaria.net     nameserver = NS2.fubaria.net
> NS.fubaria.net  internet address = 208.37.196.64
> NS2.fubaria.net internet address = 208.37.196.65
>
> if anyone can give light to this error/misconfig,  Please inform me.
>
> Thanks,
> Jason Williams

More information about the bind-users mailing list