[dns-operations] named actually asks for ANY
Mark_Andrews at isc.org
Thu Sep 28 08:14:22 UTC 2006
> Hi all.
> Here I (and possibly one or two others) had the belief that named
> would "never ask for ANY". I was blackboxtesting BIND with tcpdump and
> asked it with
> $ dig @127.0.0.1 aq. any
> and here's the (for me) remarkable result (I have removed time stamps):
> 192.168.11.129.53 > 18.104.22.168.53: 39426 [1au] ANY? aq. (31)
> 192.168.11.129.53 > 22.214.171.124.53: 19713 [1au] NS? . (28)
> 126.96.36.199.53 > 192.168.11.129.53: 39426- 4/4/6 NS FLAG.EP.NET., NS
> SLAVE1.STH.NETNOD.SE., NS NS-EXT.ISC.ORG., NS NS1.DNS.aq. (288)
> 188.8.131.52.53 > 192.168.11.129.53: 19713*- 13/0/14 NS
> E.ROOT-SERVERS.NET., NS D.ROOT-SERVERS.NET., NS A.ROOT-SERVERS.NET.,
> NS H.ROOT-SERVERS.NET., NS C.ROOT-SERVERS.NET., NS
> G.ROOT-SERVERS.NET., NS F.ROOT-SERVERS.NET., NS B.ROOT-SERVERS.NET.,
> NS J.ROOT-SERVERS.NET., NS K.ROOT-SERVERS.NET., NS
> L.ROOT-SERVERS.NET., NS M.ROOT-SERVERS.NET., NS I.ROOT-SERVERS.NET.
> Is this supposed to happen? I thought it'd only give you what it had
> in it's cache prior to the req, if you asked it for ANY.
Yes it is supposed to happen. If there is something in the
cache then the * query will be anwered from the cache. When
the cache is empty (as it was above) there is nothing in
the cache to return so it goes out and fetches it.
If 184.108.40.206 had returned a referral rather than a answer
you would have seen a second query for aq/*/in with a modern
version of named.
> -- Robert, .dk
> dns-operations mailing list
> dns-operations at lists.oarci.net
ISC Training! October 16-20, 2006, in the San Francisco Bay Area,
covering topics from DNS to DHCP. Email training at isc.org.
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the dns-operations