Problem with "authoritative answer"
Chris Buxton
clists at buxtonfamily.us
Fri Sep 13 19:02:13 UTC 2013
On Sep 11, 2013, at 8:11 AM, Brian Cuttler <brian at wadsworth.org> wrote:
> We have remapped some of our DNS clients to point to another
> DNS resolver, one that we do not control, but that has "forwarder"
> records in place to point our domain's address resolution requests
> back to an authoritative server in our domain.
>
> Dig is showing authoritative answer when I query my domain's server
> for an address that I own.
>
> Dig is NOT showing authoritative when I query the other domain's server.
>
> I'd have thought that the forwarded request, coming from my server,
> would have resulted in an authoritative reply.
When you query a non-authoritative server, such as one configured to forward the query to another server, the result is supposed to be marked non-authoritative. That's the point of the 'aa' flag. Not all name servers behave this way, but they are supposed to. BIND 9 behaves correctly.
Regards,
Chris Buxton
More information about the bind-users
mailing list