[dns-operations] 2600::a1 (ns1-auth.sprintlink.net)

Robert Edmonds edmonds at mycre.ws
Thu Feb 16 19:59:21 UTC 2017

David C Lawrence wrote:
> Jim Popovitch writes:
> > ~$ dig MX ups.com @ns1-auth.sprintlink.net
> > ...
> > ;; WARNING: recursion requested but not available
> > ....
> > 
> > I'm not always in the loop on things like this, how common is that?
> Extremely.  By default dig asks for recursive resolution, and it has
> no sense whether the target @server is a resolver or authoritative
> server.  Most authoritative servers are properly not configured to
> allow recursion, so when the answer comes back without the recursion
> available flag set dig just makes a note of that.
> You can use dig +norec to turn off the recursion desired flag in the
> query, and that will make the warning go away.

If I understand correctly, this message is printed when the answer comes
back with RD=1 and RA=0. dig +norec doesn't suppress the warning in all
cases, because an auth could still send that header bit pattern.

(IIRC, a long time ago google.com's nameservers would respond with RD=1,
RA=0 even when the query had RD=0, which would trigger the warning even
when running dig with +norec. Thanks to whoever fixed that because it
was really annoying.)

Robert Edmonds

More information about the dns-operations mailing list