DNS question
Barry Margolin
barmar at alum.mit.edu
Wed Dec 15 05:34:28 UTC 2004
In article <cpo3mt$376$1 at sf1.isc.org>, Tim Kelley <tim at it.kpt.cc>
wrote:
> A simple question ...
>
> Is it legal for a nameserver to ever flag a response with "AA" when it is not
> authoritative for a zone?
>
> I notice windows nameservers who permit recursion will flag a response with
> "AA" (fetched from the authoritative server) the first time the lookup is
> done. Afterwards, when just fetching from it's cache, it does not.
>
> Bind never does this.
BIND used to do this. It was changed in BIND 9.
The old behavior was that an answer was non-authoritative if it came
from the cache. If the server didn't have the information in its cache,
it forwarded the query, and then simply passed the response unchanged to
its client. So if the response came back with the AA flag set, the
client would see this.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
More information about the bind-users
mailing list