[dns-operations] Anyone from Google here?

Robert Evans evansr at google.com
Mon Jun 15 18:55:45 UTC 2020


On Tue, May 12, 2020 at 9:06 AM Shumon Huque <shuque at gmail.com> wrote:

> On Mon, May 11, 2020 at 1:48 PM Robert Evans via dns-operations <
> dns-operations at dns-oarc.net> wrote:
>
>> From: Robert Evans <evansr at google.com>
>> On Fri, Apr 17, 2020 at 1:23 PM Robert Evans <evansr at google.com> wrote:
>>
>>> [...]
>>>
>>> Not sure the motivation for why the server does that, but I agree it
>>> should be NOERROR or NXDOMAIN for all RTYPEs that don't exist including
>>> unknown ones. We're looking into this and will get back to you.
>>>
>>
>> Following up here: I've confirmed this behavior is an oversight and will
>> be corrected in an upcoming server release.
>>
>
> Hi Bob,
>
> I just want to elaborate on one important point from Mark's earlier
> response.
>
> For the query in question (google.com, type 1001), the response should be
> NOERROR, and not NXDOMAIN (the name google.com exists, so the response
> cannot be NXDOMAIN, regardless of what query type was issued).
> Specifically, it should be a "NODATA" response (response code: NOERROR, an
> empty answer section, and a SOA record in the Authority section). More
> generally, if the domain name exists (either because it has other RR types
> associated with it, or if it has none but has descendent nodes that do have
> RRsets), then the response must be NODATA.
>
> Shumon.
>

Hi Shumon,

Thanks for the explanation; it matches our existing understanding of RFC
3597.

Looks like the name server is doing the right thing now:

$ dig +norec @ns1.google.com google.com type1001 | grep answer -A1
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51296

$ dig +norec @ns1.google.com does-not-exist.google.com type1001 | grep
answer -A1
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59533

-Bob
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20200615/f6478203/attachment.html>


More information about the dns-operations mailing list