authoritative: use other than for zone xfer?
Barry Margolin
barmar at genuity.net
Thu Jun 29 23:26:50 UTC 2000
In article <200006272353.JAA08746 at bsdi.dv.isc.org>,
<Mark.Andrews at nominum.com> wrote:
>
>> In article <200006270249.MAA05917 at bsdi.dv.isc.org>,
>> <Mark.Andrews at nominum.com> wrote:
>> >
>> >> Len Conrad wrote:
>> >>
>> >> > Other than enabling/disabling zone transfers, what other
>> >> > advantage/disadvantage is there to an NS being authoritative or not?
>> >> >
>> >> > eg, who/what else cares if an authoritative NS is answering with correct
>> >> > data but non-authoritatively?
>> >
>> > Namservers. If aa is not set they will reject answers as being
>> > possibly in error.
>>
>> Do they really reject non-authoritative answers?
>
> Yes. See src/bin/named/ns_resp.c, search for "Lame server".
> The fact that the server is lame is cached for 10 minutes
> (default).
I searched for that, and the comments above it indicate that "Lame server"
warnings are only generated when the server returns a referral to the same
or higher level. I'm a bit confused by that, because I thought that was
what caused "bad referral" errors. I searched for that, but had trouble
backtracking to figure out the specific logic that resulted in this
message; the best I can make out is that they both occur when the response
contains delegations to the same or higher level, and "Lame server" occurs
when this is non-authoritative, while "bad delegation" occurs when it's
authoritative.
I looked through ns_resp.c for all the uses of hp->aa and it didn't seem
like any of them caused the answer to be ignored, but I admit that I can't
always figure out named code very well (I'm usually pretty good at figuring
out program logic, but named is pretty complex). ns_resp.c is especially
confusing because some parts of it are looking at the fields in the
response to a recursive query that it sent out, while others are looking at
the fields in a response that it's about to send to the client.
--
Barry Margolin, barmar at genuity.net
Genuity, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
More information about the bind-users
mailing list