RFC 6303 and bind 9.9.0

Barry Margolin barmar at alum.mit.edu
Fri Mar 2 16:16:54 UTC 2012 

In article <mailman.102.1330686511.63724.bind-users at lists.isc.org>,
 "Spain, Dr. Jeffry A." <spainj at countryday.net> wrote:

> >> No, it requires a rebuild after changing lib/dns/rootns.c. But using a 
> >> mildly out-of-date hints file is usually harmless - it is only a *hint*.
> 
> > Right. One of the first things BIND does after starting up is query one of 
> > the root servers to get the current set of root servers.
> 
> Thanks. This is not what I am seeing using tcpdump and capturing port 53. 
> Using a test bind9.9.0 resolver, I restarted the bind9 service to clear the 
> cache and load the built-in root hints. There was no DNS traffic for a minute 
> until I issued the first dig query to the server. The first DNS packet 
> transmitted was to send this query to the IPv4 address of i.root-servers.net 
> (192.36.148.17). The second query, 300 microsec later also to 
> i.root-servers.net, was for "NS <root>". I didn't see any packets querying 

I said "one of the first things".  I think the second query fits that 
description.

> for addresses of the root servers. It might be that if that second query 
> returned the name of a new root server not in the built-in hints, bind9.9.0 
> would query for its address at some point.

Didn't the answer to the NS query include the addresses in the 
Additional Section?  It does when I perform the query manually.  It gets 
cut off with the default packet size, but if EDNS0 is used it will 
include them all.

; <<>> DiG 9.6-ESV-R4-P3 <<>> . ns @i.root-servers.net +norec
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2819
;; flags: qr aa; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 14

;; QUESTION SECTION:
;.          IN NS

;; ANSWER SECTION:
.        518400   IN NS j.root-servers.net.
.        518400   IN NS c.root-servers.net.
.        518400   IN NS l.root-servers.net.
.        518400   IN NS h.root-servers.net.
.        518400   IN NS e.root-servers.net.
.        518400   IN NS g.root-servers.net.
.        518400   IN NS m.root-servers.net.
.        518400   IN NS i.root-servers.net.
.        518400   IN NS d.root-servers.net.
.        518400   IN NS f.root-servers.net.
.        518400   IN NS a.root-servers.net.
.        518400   IN NS b.root-servers.net.
.        518400   IN NS k.root-servers.net.

;; ADDITIONAL SECTION:
a.root-servers.net.  3600000  IN A  198.41.0.4
a.root-servers.net.  3600000  IN AAAA  2001:503:ba3e::2:30
b.root-servers.net.  3600000  IN A  192.228.79.201
c.root-servers.net.  3600000  IN A  192.33.4.12
d.root-servers.net.  3600000  IN A  128.8.10.90
d.root-servers.net.  3600000  IN AAAA  2001:500:2d::d
e.root-servers.net.  3600000  IN A  192.203.230.10
f.root-servers.net.  3600000  IN A  192.5.5.241
f.root-servers.net.  3600000  IN AAAA  2001:500:2f::f
g.root-servers.net.  3600000  IN A  192.112.36.4
h.root-servers.net.  3600000  IN A  128.63.2.53
h.root-servers.net.  3600000  IN AAAA  2001:500:1::803f:235
i.root-servers.net.  3600000  IN A  192.36.148.17
i.root-servers.net.  3600000  IN AAAA  2001:7fe::53

-- 
Barry Margolin
Arlington, MA

More information about the bind-users mailing list