[dns-operations] a question on sub-zone authorization
Paul Vixie
paul at redbarn.org
Thu Jun 1 15:01:40 UTC 2017
On Thu, Jun 1, 2017 at 8:28 AM, Peng Yonghua <pyh at vodafonemail.de> wrote:
>
...
> $ dig org.uk <http://org.uk>. ns @d.root-servers.net
>
...
> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 8, ADDITIONAL: 13
> ;; WARNING: recursion requested but not available
peng, you're being told something specific here. it is a referral, not
an answer. the server is not giving you what you asked for; it's telling
you where to find what you're asking for.
...
> Then I dig this:
>
> $ dig org.uk <http://org.uk>. ns @dns2.nic.uk <http://dns2.nic.uk>
...
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 0
whereas here, you are being told the answer to your question.
> I think the data path should be: root nameservers -> .uk nameservers
> -> .org.uk <http://org.uk> nameservers
>
> since .uk nameservers are the same with .org.uk
> nameservers, so the reference from uk to org.uk is
> not needed.
>
> Do I guess it right? thanks in advance.
you do not guess right. in the second case, you asked for something that
the server was authoritative for -- so, you got an answer.
--
P Vixie
More information about the dns-operations
mailing list