'dig -t any ...' question

Kevin Darcy kcd at daimlerchrysler.com
Wed Jun 16 02:22:16 UTC 2004 

Barry Margolin wrote:

>In article <calhbv$6ba$1 at sf1.isc.org>,
> Kevin Darcy <kcd at daimlerchrysler.com> wrote:
>
>
>>Barry Margolin wrote:
>>
>>
>>>In article <calb87$2osn$1 at sf1.isc.org>,
>>>Kevin Darcy <kcd at daimlerchrysler.com> wrote:
>>>
>>> 
>>>
>>>
>>>>That's fine and dandy. We all understand that DNS is "loosely coupled", 
>>>>and that caching requires all sorts of tradeoffs and compromises. But I 
>>>>think personally QTYPE=* has been compromised to the point of almost 
>>>>being unusable for its originally-intended purpose.
>>>>   
>>>>
>>>>
>>>Just what *is* that purpose?  I don't see any indication in RFC 1034; no 
>>>real justification is given for its existence.
>>>
>>>
>>RFCs are specification documents, they don't necessarily justify the 
>>existence of every aspect of what they specify. But it seems rather 
>>obvious to me that the purpose of QTYPE=* is to efficiently retrieve all 
>>relevant RRsets owned by a particular DNS name, as opposed to querying 
>>all of those RRsets individually. The way QTYPE=* has been implemented, 
>>however, has rendered it so untrustworthy that very few apps that could 
>>benefit from this efficiency even bother to issue QTYPE=* queries any 
>>more. This is a pity, all the more so because it would be a rather 
>>elegant way to retrieve both A and AAAA records for a given name, and 
>>thus ease the migration to IPv6.
>>
>
>But RFC 1034 included an example of QTYPE=* being sent to caching 
>servers, showing that different servers will return different records 
>based on what they happened to have cached at the time.  So the problem 
>is in the original design, not BIND's implementation.
>
Nope. Those example queries were *non-recursive* as per the following 
text in the Section 6.2 intro:

    Unless otherwise noted, the queries do not have recursion desired (RD)
    in the header. 

Nowhere is there a specific example in RFC 1034 of a response to a 
*recursive* QTYPE=* query, but one would assume, based on generic 
descriptions of recursive resolvers and how they are supposed to 
operate, that a recursive resolver would make its best efforts to get a 
complete answer, which clearly BIND and other implementations do not. 
Frankly, I think the implementors misread the RFC 1034 examples the same 
way you did, and refuse to admit their mistake.

                                                                         
                                    - Kevin

More information about the bind-users mailing list