Re: cache server with authoritative answer
On Sat, 2011-01-29 at 14:49 +0800, p...@mail.nsbeta.info wrote: The book Pro DNS and BIND says: If the caching server obtains its data directly from an authoritative DNS, then it too will respond as authoritative. Ohterwise, if the data is supplied from its cache, the response is nonauthoritative. So this means even for a cache only server it can answer with authoritative response? I have been thinking the cache only server shouldn't do this. Regards. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users If the caching-only server does not have an answer to a query in its cache and recurses and gets an authoritative response, it, too, will set the AA bit. If it gets another query for the name that is now cached, the AA bit will not be set. Further, if any host responding to a query already has the information in cache, the AA bit will not be set. In simple terms, if the response to a query comes directly from information at an authoritative source, the AA bit is set. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: cache server with authoritative answer
That is no longer the case. It doesn't respond authoritative on the first query. -Ben Croswell On Jan 30, 2011 10:01 AM, Kevin Oberman ober...@es.net wrote: On Sat, 2011-01-29 at 14:49 +0800, p...@mail.nsbeta.info wrote: The book Pro DNS and BIND says: If the caching server obtains its data directly from an authoritative DNS, then it too will respond as authoritative. Ohterwise, if the data is supplied from its cache, the response is nonauthoritative. So this means even for a cache only server it can answer with authoritative response? I have been thinking the cache only server shouldn't do this. Regards. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users If the caching-only server does not have an answer to a query in its cache and recurses and gets an authoritative response, it, too, will set the AA bit. If it gets another query for the name that is now cached, the AA bit will not be set. Further, if any host responding to a query already has the information in cache, the AA bit will not be set. In simple terms, if the response to a query comes directly from information at an authoritative source, the AA bit is set. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: cache server with authoritative answer
No, BIND 8 was broken this was also. This was fixed in BIND 9. As for non-BIND name servers, anything goes. Chris Buxton BlueCat Networks On 1/29/11, Barry Margolin bar...@alum.mit.edu wrote: In article mailman.1566.1296284011.555.bind-us...@lists.isc.org, p...@mail.nsbeta.info wrote: The book Pro DNS and BIND says: If the caching server obtains its data directly from an authoritative DNS, then it too will respond as authoritative. Ohterwise, if the data is supplied from its cache, the response is nonauthoritative. So this means even for a cache only server it can answer with authoritative response? I have been thinking the cache only server shouldn't do this. BIND 4 worked this way, but I think it was changed in BIND 8. -- Barry Margolin, bar...@alum.mit.edu Arlington, MA *** PLEASE don't copy me on replies, I'll read them in the group *** ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users -- Sent from my mobile device ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: cache server with authoritative answer
In message aanlktinnokvhtux8f9-dfgcl2lkzjfe+wmb_xxk0r...@mail.gmail.com, Chris Buxton writes: No, BIND 8 was broken this was also. This was fixed in BIND 9. As for non-BIND name servers, anything goes. Chris Buxton BlueCat Networks It depended on the BIND 8 version. Running everything through the cache cleaned up the answers the stub resolvers saw. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: cache server with authoritative answer
In article mailman.1566.1296284011.555.bind-us...@lists.isc.org, p...@mail.nsbeta.info wrote: The book Pro DNS and BIND says: If the caching server obtains its data directly from an authoritative DNS, then it too will respond as authoritative. Ohterwise, if the data is supplied from its cache, the response is nonauthoritative. So this means even for a cache only server it can answer with authoritative response? I have been thinking the cache only server shouldn't do this. BIND 4 worked this way, but I think it was changed in BIND 8. -- Barry Margolin, bar...@alum.mit.edu Arlington, MA *** PLEASE don't copy me on replies, I'll read them in the group *** ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
cache server with authoritative answer
The book Pro DNS and BIND says: If the caching server obtains its data directly from an authoritative DNS, then it too will respond as authoritative. Ohterwise, if the data is supplied from its cache, the response is nonauthoritative. So this means even for a cache only server it can answer with authoritative response? I have been thinking the cache only server shouldn't do this. Regards. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users