[dns-operations] Authoritative name server replies NODATA for a non-existing domain
Stephane Bortzmeyer
bortzmeyer at nic.fr
Wed Apr 22 13:12:24 UTC 2015
Strange behavior:
% for ns in $(dig +nodnssec +short NS adult.); do
echo $ns
dig @$ns NS thisdomaincertainlydoesnotexist.adult |& grep status:
done
d0.nic.adult.
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13433
c0.nic.adult.
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23111
a0.nic.adult.
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3358
a2.nic.adult.
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48334
b2.nic.adult.
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29932
b0.nic.adult.
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58405
IMHO, all the name servers should reply NXDOMAIN, no?
DNSviz does complain:
http://dnsviz.net/d/adult/dnssec/?rr=all&a=all&ds=all&doe=on&ta=.&ta=dlv.isc.org.&tk=
More information about the dns-operations
mailing list