AUTHORITY=0?
Greg Chavez
greg.chavez at gmail.com
Fri Dec 29 15:38:12 UTC 2006
On 12/28/06, Georgy Goshin <gosha at inbox.ee> wrote:
> The problem is that the secondary mail server does not transfers zones lv &
> lt, it says "not authoritive"
>
> dig shows absolutley the same picture on all 3 zones when quering the
> primary server, when asking for SOA it gives an authoritive answer but when
> asking for NS it geves an answer but writes AUTORITY=0... on all 3 zones ee,
> lv and lt
>
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
>
>
> Can't even understand there the mistake could be...
You are misinterpreting dig's output.
Look at the flags. "aa" means authoritative answer. If you dig
google.com or any other zone besides yours, you'll notice that this
flag is missing. The other flags tell you that the recursion was
desired -- rd -- and that the server accepts recursive queries from
you -- ra. These are lit bits from the header of the DNS packet (see
RFC 1035 section 4.1.1). The "qr" bit is turned on with the return
packet -- query response.
The rest are just counters that describe the content of the query
response -- also part of the DNS packet. The authority counter (#
NS records) is usually set to 0 when you send a query *for* NS
records... you should get them with an SOA query, unless you have
configured your server to return minimal responses.
We could probably give you more answers (as the other responder noted)
if you gave us a less obfuscated configuration and the complete dig
output you saw.
--Greg Chavez
More information about the bind-users
mailing list