Answers from cache or authority section?
Steven Carr
sjcarr at gmail.com
Tue Jun 25 16:07:06 UTC 2013
On 25 June 2013 16:53, John Horne <john.horne at plymouth.ac.uk> wrote:
> So what I now do not understand is why (at home) I can do several
> reverse lookups for different IP addresses, and they all give me an
> answer. Likewise if I do something like:
>
> dig -x 141.163.99.16 @8.8.8.8
>
> I get a non-authoritative answer. If I repeat this for addresses
> 141.163.99.17, 18, 20 and so on I get answers. In all these cases
> shouldn't the first lookup work and subsequent ones fail? Using Google's
> name server, shouldn't it at some point have received the authoritative
> answer with the AUTHORITY section NS records and so be using those
> (internal) name servers for subsequent lookups?
Using Google you will get unexpected results, not sure exactly what
caching engine they use but it doesn't work like most other caching
servers, they definitely do some jiggery pokery with the results (I've
seen Google continue to return correct results for domains that had
completely corrupted NS records both in the parent and authoritative).
I would suggest you install a local copy of BIND configured for
recursion and let it do the queries for you then you can also use rndc
to inspect the cache for yourself.
Steve
More information about the bind-users
mailing list