proving a server doesn't have a zone
Andy Shellam
andy-lists at networkmail.eu
Mon Jun 1 19:48:11 UTC 2009
Hi Todd,
You can easily check this by checking for the "AA" flag in dig's output.
An authoritative domain:
......
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2
......
A non-authoritative (or cached) domain:
......
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 7, ADDITIONAL: 0
......
Notice the "aa" missing from the "flags" field.
HTH,
Andy
Todd Snyder wrote:
> Good afternoon,
>
> I am writing some verification steps for a change. The change in
> question is to remove a zone from a server and replace it with a
> delegation. I need to validate that the local server is no longer
> answering authoritatively, instead making sure I'm getting a delegated
> answer.
>
> I have full access to the shell on the server, and I am looking for a to
> verify that a server does not hold a zone.
>
> I'm sure I'm just having a dumb moment, and that the return codes from
> dig can give me what I need, but I can't figure it out.
>
> Can anyone help point me in the right direction?
>
> Cheers,
>
> Todd.
>
> ---------------------------------------------------------------------
> This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
More information about the bind-users
mailing list