No query to root-nameserver for private ips

[Leopold Aichinger]

Am Tue, 14 Mar 2006 15:19:30 -0500 schrieb Kevin Darcy:

 What happens if you do a 
> query directly of the 10.in-addr.arpa domain, e.g. for its SOA record? 
> Do you get a good response?
> 


Sorry I forgot to answer your second question:

If I do a (logged in on the internal dns):

# host -vt soa 10.in-addr.arpa 127.0.0.1

I get the following output:
----------------------------------
Trying "10.in-addr.arpa"
Using domain server:
Name: 127.0.0.1
Address: 127.0.0.1#53
Aliases: 

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55061
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; QUESTION SECTION:
;10.in-addr.arpa.		IN	SOA

;; ANSWER SECTION:
10.in-addr.arpa.	604800	IN	SOA	router1.bfi20s. administrator.baz.at.10.in-addr.arpa. 1997022700 10800 3600 604800 86400

;; AUTHORITY SECTION:
10.in-addr.arpa.	604800	IN	NS	router1.bfi20s.

;; ADDITIONAL SECTION:
router1.bfi20s.		38400	IN	A	172.30.0.2
router1.bfi20s.		38400	IN	A	10.10.10.11

Received 150 bytes from 127.0.0.1#53 in 1 ms
-----------------------------

Looks fine, does'nt it
but if I do a query for 10.11.12.13(for a host in a net we don't use)
I get (The query was done directly logged in on the internal dns):

# dig 10.11.12.13

I get the following output:
---------------------------------------------
; <<>> DiG 9.2.4 <<>> 10.11.12.13
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62626
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;10.11.12.13.			IN	A

;; AUTHORITY SECTION:
.			10800	IN	SOA	A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. 2006031401 1800 900 604800 86400

;; Query time: 347 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Mar 15 08:26:32 2006
;; MSG SIZE  rcvd: 104
----------------------------------------------
Note the Query time - 347 msec - which also gives a hint that the dns
tries to query an external dns.

thx

leopold aichinger