multiple answers from the same server

Mark Andrews Mark_Andrews at isc.org
Thu Dec 20 13:30:06 UTC 2007 

> On Thu, Dec 20, 2007 at 01:47:07PM +0200,
>  Haim [Howard] Roman <roman at jct.ac.il> wrote 
>  a message of 54 lines which said:
> 
> > The command "host -v www.drama.org" returns *3* answers from the
> > *same* DNS server.
> 
> Very broken server, by the way (see later).
> 
> > In addition, "dig" returns only the 1st answer.
> 
> By default, dig queries only records of type A. They work at
> drama.org.
> 
> host queries also AAAA and MX record types. Hence the three requests,
> and, since the authoritative name server is broken
> (record-type-dependent lameness), the two SERVFAIL from your recursor.
> 
> (Discovered with tcpdump and confirmed with dig.)

	This is what happens when you don't actually configure the
	zone that you requested to be delegated to you but instead
	you try to cheat and just put the records in a "parent" zone
	which is not delegated to you.

	Named treats it as attempted cache poisioning.

	Mark

% dig www.drama.org a @204.13.161.15 +norec 

; <<>> DiG 9.3.4-P1 <<>> www.drama.org a @204.13.161.15 +norec
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22382
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.drama.org.                 IN      A

;; ANSWER SECTION:
www.drama.org.          3600    IN      A       208.73.212.12

;; Query time: 163 msec
;; SERVER: 204.13.161.15#53(204.13.161.15)
;; WHEN: Fri Dec 21 00:09:30 2007
;; MSG SIZE  rcvd: 47

% dig www.drama.org aaaa @204.13.161.15 +norec

; <<>> DiG 9.3.4-P1 <<>> www.drama.org aaaa @204.13.161.15 +norec
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2710
;; flags: qr aa; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;www.drama.org.                 IN      AAAA

;; AUTHORITY SECTION:
org.                    86400   IN      SOA     tld1.ultradns.net.org. domadmin.ultradns.net.org. 1186094864 1800 900 604800 86400

;; Query time: 162 msec
;; SERVER: 204.13.161.15#53(204.13.161.15)
;; WHEN: Fri Dec 21 00:09:35 2007
;; MSG SIZE  rcvd: 94

% 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the bind-users mailing list