[dns-operations] about the ADDITIONAL SECTION
Feng He
fenghe at nsbeta.info
Fri Jun 28 02:04:57 UTC 2013
Hi,
Sorry for my not good english.
Says I have a domain a.com, whose NS records are:
ns1.b.com
ns2.b.com
But b.com is not auth-resolved by my nameserver, for example, its
auth-servers are registrar's.
a.com is auth-resolved by my own nameservers, the NS records look as:
a.com. 111 IN NS ns1.b.com.
a.com. 111 IN NS ns2.b.com.
But, if I add the zone b.com into the nameservers' zone file (though the
zone is not auth-resolved by my servers as I've said), and setup the A
records with fake IP for ns1.b.com and ns2.b.com. When query for:
dig a.com ns
The nameservers will answer with the additional section whose content is
the fake IPs.
;; ANSWER SECTION:
a.com. 111 IN NS ns1.b.com.
a.com. 111 IN NS ns2.b.com.
;; ADDITIONAL SECTION:
ns1.b.com. 111 IN A 1.2.3.4
ns2.b.com. 111 IN A 5.6.7.8
Will this make the world's DNS cache not work? i.e, the ISP's public DNS
servers.
Thanks.
More information about the dns-operations
mailing list