Behaviour of a recursive DNS server

JINMEI Tatuya / 神明達哉 Jinmei_Tatuya at isc.org
Tue Jun 10 18:38:05 UTC 2008


At Tue, 10 Jun 2008 14:30:08 +0800,
"yjchu" <yjchui at cht.com.tw> wrote:

> I am trying IPv6 NAT-PT, so I wish my DNS server (my ISP DNS server) can be
> purely recursive.
> 
> So, I send a recursive query, and my DNS server does reply recursively but
> with strange behaviors described as follows:

> ----------------------
> 
> Sometimes, the DNS server will have two replies for single one query.
> 
> The first reply will only contain the CNAME but no A or AAAA record
> (address) information for the CNAME.
> 
> Then, the second reply has all the information, including CNAME and A/AAAA
> record information.

Can you provide specific domain names and query types that cause this
result?

> I have tried to build up my own DNS server using BIND 9.2.1 and make it
> support recursive reply.

I'm not sure if it's related to the issue, but I'd suggest you use a
more recent version.  9.2.1 is way too old and is basically not
supported any more.

> I find that sometimes, the reply of my DNS server just contains CNAME record
> for my query name, no further information. (No second reply with address
> information).
> 
> However, from the sniffer, the recursive flag in DNS reply is set !!!!

This may be a typo, but in case you really looked at the reply, you
should rather look at the recursive (RD) flag of the *query*.

Finally, you cannot always assume that a response contains a complete
chain to the final answer.  You'll need to adapt your software (the
DNS client) so that it can handle an incomplete CNAME/DNAME chain
anyway.

---
JINMEI, Tatuya
Internet Systems Consortium, Inc.
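
One way a client could cope with the incomplete CNAME chain described above, shown as an added example that is not part of the original message or of BIND. The record tuples, the `send` transport callable, the hop and query limits and the sample names are assumptions; DNAME is not handled.

```python
import struct
RD, RA = 0x0100, 0x0080  # header flag bits, RFC 1035 section 4.1.1
MAX_HOPS = 8             # assumed cap on CNAME hops within one response

def header_flags(msg: bytes) -> dict:
    """Decode QR/RD/RA from the header of a raw DNS message."""
    _id, flags = struct.unpack("!HH", msg[:4])
    return {"qr": bool(flags & 0x8000), "rd": bool(flags & RD), "ra": bool(flags & RA)}

def norm(name: str) -> str:
    return name.lower().rstrip(".")

def walk_chain(qname, qtype, answers):
    """Follow CNAMEs in one answer section of (owner, rtype, rdata) tuples."""
    name, seen = norm(qname), set()
    while name not in seen and len(seen) < MAX_HOPS:
        seen.add(name)
        rrs = [(t, d) for o, t, d in answers if norm(o) == name]
        addrs = [d for t, d in rrs if t == qtype]
        if addrs:
            return name, addrs
        targets = [d for t, d in rrs if t == "CNAME"]
        if not targets:
            return name, []   # chain ends here without an address
        name = norm(targets[0])
    return name, []           # CNAME loop or too many hops

def resolve(qname, qtype, send, max_queries=4):
    """Re-query for the chain tail; send(name, qtype) is a hypothetical transport."""
    name = norm(qname)
    for _ in range(max_queries):
        tail, addrs = walk_chain(name, qtype, send(name, qtype))
        if addrs:
            return addrs
        if tail == name:
            return []         # no progress: no data, or a loop
        name = tail
    return []

# Constructed sample: the first response carries only the CNAME.
SAMPLE = {
    "www.example.test": [("www.example.test", "CNAME", "host.example.test.")],
    "host.example.test": [("host.example.test", "AAAA", "2001:db8::1")],
}
if __name__ == "__main__":
    query = struct.pack("!HHHHHH", 0x1234, RD, 1, 0, 0, 0)  # constructed header
    fake_send = lambda n, t: SAMPLE.get(n, [])
    print(header_flags(query), resolve("www.example.test", "AAAA", fake_send))
```

`header_flags` lets you confirm RD on the captured query and RA on the response separately, and `resolve` bounds both the hops per response and the number of follow-up queries so a CNAME loop cannot keep the client querying.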

