Question about authoritative server and AA Authoritative Answer
Petr Menšík
pemensik at redhat.com
Mon Jan 15 15:20:18 UTC 2024
Please use home.arpa, as defined by RFC 8375. Or better use existing and
registered domain of you or your organization.
What kind of resolver is running on DNS server? Which version?
I would guess dnsmasq or similar. That is willing and able to forward
just queries of selected types, while answering others itself. I think
any proper DNS server does organize its authoritative zones and will
answer with AA for any answer from it.
Are you sure you are asking correct server? Have you tried dig
@172.16.0.254 pc1.reseau1.lan ?
I would guess you have systemd-resolved running on pc1 and it answers
just A type queries itself, but forwards SOA and NS queries.
Cheers,
Petr
On 14. 01. 24 23:04, Michel Diemer via bind-users wrote:
> Ders bind users,
>
> I have already asked a similar question which was more about DNS in
> general , this one is very specific about the AA bit.
>
> Today's question is : *« "dig pc1.reseau1.lan ns"*** show AUTHORITY: 1
> and "**dig pc1.reseau1.lan" shows AUTHORITY: 0. Which setting or
> knowledge am I missing** ? If possible, how to get AA answers for
> QNAME queries ? »**
>
> I have set up two virtual machines on a virtual local network using
> Oracle VirtualBox. One machine is a DNS authoritative-only server. The
> zone is named "reseau1.lan" and defined only in bind9 zone files. If I
> really have to, I will name it "reseau1.home.arpa" according to RFC
> 8375. (I chose .lan inspired by RFC 6762 appendix G). The IP address
> of the DNS server is 172.16.0.254 and the IP address of pc1 is
> 172.16.0.21.
>
>
> *dig soa reseau1.lan*: the AA bit is set, which is what I am looking for
>
> ͏ ͏ ͏
>
> * dig pc1.reseau1.lan ns*: the AA bit is set
>
> ͏ ͏ ͏ ͏
>
> *dig pc1.reseau1.lan*: _*the AA bit is not set. Why ? Which setting or
> knowledge am I missing ?*_
>
>
>
> Below my "named.conf.options" file
>
> ͏
>
>
> ͏ ͏ ͏ ͏
>
--
Petr Menšík
Software Engineer, RHEL
Red Hat,http://www.redhat.com/
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20240115/96c0b292/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 5400853000000119embeddedImage
Type: image/png
Size: 5348 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20240115/96c0b292/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 6206303000000119embeddedImage
Type: image/png
Size: 5427 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20240115/96c0b292/attachment-0005.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 8504625embeddedImage
Type: image/png
Size: 8645 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20240115/96c0b292/attachment-0006.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 13119901000000238embeddedImage
Type: image/png
Size: 6496 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20240115/96c0b292/attachment-0007.png>
More information about the bind-users
mailing list