[dns-operations] NXDOMAIN and negative caching

[Michael Smitasin]

Just wanted to confirm my understanding:

- An NXDOMAIN / Name Error response indicates the domain name does not 
exist, while a No Data response indicates the domain exists but no data 
of the queried type exists. (Mostly looking at RFC 1035 Section 5.2.1)
- An NXDOMAIN should be cached for a given QNAME, QCLASS. (RFC 2038 
Section 5)

What I infer from that (perhaps it's explicitly stated elsewhere?) is 
two things:

- An NXDOMAIN indicates /no/ records exist for that name.
- When an NXDOMAIN is cached, it will be returned for /any/ QTYPE 
matching the same QNAME, QCLASS.

We have a situation where an authoritative server (outside our control) 
is returning a good A record but when the same name is queried for an NS 
record, it returns NXDOMAIN. Once our caching nameservers get that 
NXDOMAIN, they start returning it to our client queries for the A 
record. If my understanding of the above is true, our caching 
nameservers are behaving correctly, but the authoritative server should 
not be returning NXDOMAIN for that name? If so, is anyone familiar with 
the circumstances where that would be the case or have recommendations I 
can forward on to the operators of that authoritative server?

Thanks,

-- 
Michael Smitasin
Network Engineer
LBLnet Services Group
Lawrence Berkeley National Laboratory