a death loop with DNS query
Stephane Bortzmeyer
bortzmeyer at nic.fr
Wed Jul 6 14:02:15 UTC 2011
On Wed, Jul 06, 2011 at 08:23:45AM -0500,
Lyle Giese <lyle at lcrcomputer.net> wrote
a message of 56 lines which said:
> That is not a loop at all.
I disagree. As dig clearly says, there is an horizontal referral: the
name servers are supposed to be authoritative for blogchina.org and
mytest.blogchina.org but keep sending back the delegation (and with AA
set).
% dig @112.90.143.36 s1.mytest.blogchina.org
; <<>> DiG 9.7.1 <<>> @112.90.143.36 s1.mytest.blogchina.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56637
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;s1.mytest.blogchina.org. IN A
;; AUTHORITY SECTION:
mytest.blogchina.org. 600 IN NS ns2.dnsv5.com.
mytest.blogchina.org. 600 IN NS ns1.dnsv5.com.
> However at least from here and it appears from where you are doing
> the querys, these name servers are not responding.
Wrong. They do reply but incorrectly.
More information about the bind-users
mailing list