[dns-operations] 2600::a1 (ns1-auth.sprintlink.net)
Robert Edmonds
edmonds at mycre.ws
Thu Feb 16 19:59:21 UTC 2017
David C Lawrence wrote:
> Jim Popovitch writes:
> > ~$ dig MX ups.com @ns1-auth.sprintlink.net
> > ...
> > ;; WARNING: recursion requested but not available
> > ....
> >
> > I'm not always in the loop on things like this, how common is that?
>
> Extremely. By default dig asks for recursive resolution, and it has
> no sense whether the target @server is a resolver or authoritative
> server. Most authoritative servers are properly not configured to
> allow recursion, so when the answer comes back without the recursion
> available flag set dig just makes a note of that.
>
> You can use dig +norec to turn off the recursion desired flag in the
> query, and that will make the warning go away.
If I understand correctly, this message is printed when the answer comes
back with RD=1 and RA=0. dig +norec doesn't suppress the warning in all
cases, because an auth could still send that header bit pattern.
(IIRC, a long time ago google.com's nameservers would respond with RD=1,
RA=0 even when the query had RD=0, which would trigger the warning even
when running dig with +norec. Thanks to whoever fixed that because it
was really annoying.)
--
Robert Edmonds
More information about the dns-operations
mailing list