variable dig results
John Wobus
jw354 at cornell.edu
Fri Jan 6 22:34:01 UTC 2012
On Jan 6, 2012, at 11:14 AM, David Forrest wrote:
> On Fri, 6 Jan 2012, M. Meadows wrote:
>> Wondering why we get variable results from the following
>> command: dig eftc.thehartford.com
>> (sometimes we get authority section and additional section
>> feedback ... sometimes we don't)
>
>>
>> ;; Query time: 52 msec
>> ;; SERVER: 172.25.17.185#53(172.25.17.185) ;; WHEN: Fri Jan 6
>> 00:10:02 2012 ;; MSG SIZE rcvd: 202
>>
>>
>> I assume this is due to differences in response from different auth
>> nameservers. If that's the case ... what does one have set up to
>> return the 2nd response?
>
> As the server wasn't specified, dig tries each of the servers listed
> in /etc/resolv.conf and used 172.25.17.185 both times, one with the
> rd flag set and got a non-authoritative answer and an
> authoritative. I'd assume there are multiple instances or views and
> you're getting cached answers occasionally. If consistency is
> needed, maybe specify the server with @server and/or +[no]recurse
The cited dig answers differ in that only one has the 'rd' flag
("recursion desired"), which
suggests to me a difference in the queries.
It would be interesting to know whether +recurse versus +norecurse
controls it. Also, +qr would
let you directly see what flags are in the query.
It's a mystery if the answers differ despite the exact same dig
command, the same client IP and
client computer login (i.e., same .digrc if one exists). If it's from
different client IPs,
Bind "views" configured on the server could cause such a different.
John Wobus
More information about the bind-users
mailing list