[dns-operations] NXDOMAIN vs NOERROR/no answers for non-existant records
Shumon Huque
shuque at gmail.com
Fri Apr 3 13:06:20 UTC 2020
On Fri, Apr 3, 2020 at 8:20 AM Stephane Bortzmeyer <bortzmeyer at nic.fr>
wrote:
> On Fri, Apr 03, 2020 at 07:48:16AM -0400,
> Shumon Huque <shuque at gmail.com> wrote
> a message of 98 lines which said:
>
> > The second one, doesnotexist.monitor.itconsult.net., does not appear
> to be
> > delegated from its parent.
>
> This is not what I see. Both are delegated from itconsult.net
> (source: their SOA).
>
Ah, yes. The subtlety here (which I didn't notice at first) is that
monitor.itconsult.net is served by the same name servers as its parent.
Since most authority servers answer from their closest enclosing zone, most
iterative debugging tools like dig+trace etc won't see the delegation.
Shumon.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20200403/e539150c/attachment.html>
More information about the dns-operations
mailing list