On Wed, Oct 21, 2015 at 1:24 PM, Lukas Tribus <[email protected]> wrote: > Hi Robin, > > >> Hey guys, >> >> Actually when you get an NXDOMAIN reply you can just stop resolving that >> domain. Basically there are 2 types of "negative" replies in DNS: >> >> NODATA: basically this is when you don't get an error (NOERROR in dig), >> but not the actual data you are looking for. You might have gotten some >> CNAME data but no A or AAAA record (depending on what you wanted >> obviously). This means that the actual domain name does exist, but >> doesn't have data of the type you requested. The term NODATA is used in >> DNS RFC's but it doesn't actually have its own error code. >> >> NXDOMAIN: This is denoted by the NXDOMAIN error code. It means that >> either the domain you requested itself or the last target domain from a >> CNAME does not exist at all (IE no data whatsoever) and there also isn't >> a wildcard available that matches it. So if you asked for an A record, >> getting an NXDOMAIN means there also won't be an AAAA record. >> >> The above explanation is a bit of an over simplification cause there are >> also things like empty non-terminals which also don't have any data, but >> instead of an NXDOMAIN actually return a NODATA (in most cases, there >> are some authoritative servers that don't do it properly). But the end >> result is that you can pretty much say that when you get NXDOMAIN, there >> really is nothing there for you so you can just stop looking (at least >> at that the current server). > > Thanks for clarifying, I didn't know about this. Good thing we didn't > implemented anything yet. > > Baptiste, whats the current behavior when an empty response with > NOERROR is received? > > Regards, > > Lukas
Hi, This is already handled when I detect response without NX code and no response records (DNS_RESP_ANCOUNT_ZERO) or no response record corresponding to the query (DNS_RESP_NO_EXPECTED_RECORD). And of course, both codes above triggers a query type failover. Baptiste
