[dns-operations] Single label queries on Windows (11)

Petr Menšík pemensik at redhat.com
Sat Jul 8 05:35:35 UTC 2023 

Ah, this is embarrassing. Yes, trailing dot have helped.

I am sorry for the confusion.

 >nslookup -type=ns org.
Server: pihole
Address: 192.168.88.9

Non-authoritative answer:
org nameserver = b2.org.afilias-nst.org <http://b2.org.afilias-nst.org/>
org nameserver = a2.org.afilias-nst.info <http://a2.org.afilias-nst.info/>
org nameserver = c0.org.afilias-nst.info <http://c0.org.afilias-nst.info/>
org nameserver = b0.org.afilias-nst.org <http://b0.org.afilias-nst.org/>
org nameserver = a0.org.afilias-nst.info <http://a0.org.afilias-nst.info/>
org nameserver = d0.org.afilias-nst.org <http://d0.org.afilias-nst.org/>

a0.org.afilias-nst.info <http://a0.org.afilias-nst.info/> internet 
address = 199.19.56.1
a2.org.afilias-nst.info <http://a2.org.afilias-nst.info/> internet 
address = 199.249.112.1
b0.org.afilias-nst.org <http://b0.org.afilias-nst.org/> internet address 
= 199.19.54.1
b2.org.afilias-nst.org <http://b2.org.afilias-nst.org/> internet address 
= 199.249.120.1
c0.org.afilias-nst.info <http://c0.org.afilias-nst.info/> internet 
address = 199.19.53.1
d0.org.afilias-nst.org <http://d0.org.afilias-nst.org/> internet address 
= 199.19.57.1
a0.org.afilias-nst.info <http://a0.org.afilias-nst.info/> AAAA IPv6 
address = 2001:500:e::1
a2.org.afilias-nst.info <http://a2.org.afilias-nst.info/> AAAA IPv6 
address = 2001:500:40::1
b0.org.afilias-nst.org <http://b0.org.afilias-nst.org/> AAAA IPv6 
address = 2001:500:c::1
b2.org.afilias-nst.org <http://b2.org.afilias-nst.org/> AAAA IPv6 
address = 2001:500:48::1
c0.org.afilias-nst.info <http://c0.org.afilias-nst.info/> AAAA IPv6 
address = 2001:500:b::1
d0.org.afilias-nst.org <http://d0.org.afilias-nst.org/> AAAA IPv6 
address = 2001:500:f::1


On 7/7/23 20:32, Viktor Dukhovni wrote:
> On Fri, Jul 07, 2023 at 08:09:39PM +0200, Petr Menšík wrote:
>
>> I have tested recently how Windows 11 behaves when resolving single
>> label queries.
>>
>> I have expected it might try to use LLMNR. But I did not expect it would
>> do so also when trying nslookup, a tool which should be DNS only tool.
>>
>> I have tried:
>>
>> nslookup -type=ns com 9.9.9.9
> It is not too surprising if this is also subject to the default suffix
> list of the network "connection", which initialises the resolution
> context, and then just overrides the server.  Have you tried:
>
>      nslookup -type=ns com. 9.9.9.9
>
> with an explicit trailing "."?

I thought I have tried that, but turns out I have tried that only when
testing behavior of systemd-resolved installation on Linux, where it was useless.
On Windows it helps. Parameter -debug showed it indeed
appends default domain suffix and does not try without it after negative
  response.

nslookup from ISC BIND9 behaves a bit better, but that is an acceptable difference.

$ nslookup -domain=home.arpa -debug -type=ns org

Server:        127.0.0.1
Address:    127.0.0.1#53

------------
     QUESTIONS:
     org.home.arpa, type = NS, class = IN
     ANSWERS:
     AUTHORITY RECORDS:
     ->  home.arpa
     origin = localhost
     mail addr = nobody.invalid
     serial = 1
     refresh = 3600
     retry = 1200
     expire = 604800
     minimum = 10800
     ttl = 10800
     ADDITIONAL RECORDS:
------------
** server can't find org.home.arpa: NXDOMAIN
Server:        127.0.0.1
Address:    127.0.0.1#53

------------
     QUESTIONS:
     org, type = NS, class = IN
     ANSWERS:
     ->  org
     nameserver = b0.org.afilias-nst.org.
     ttl = 1824
     ->  org
     nameserver = b2.org.afilias-nst.org.
     ttl = 1824
     ->  org
     nameserver = c0.org.afilias-nst.info.
     ttl = 1824
     ->  org
     nameserver = d0.org.afilias-nst.org.
     ttl = 1824
     ->  org
     nameserver = a0.org.afilias-nst.info.
     ttl = 1824
     ->  org
     nameserver = a2.org.afilias-nst.info.
     ttl = 1824
     AUTHORITY RECORDS:
     ADDITIONAL RECORDS:
------------
Non-authoritative answer:
org    nameserver = b0.org.afilias-nst.org.
org    nameserver = b2.org.afilias-nst.org.
org    nameserver = c0.org.afilias-nst.info.
org    nameserver = d0.org.afilias-nst.org.
org    nameserver = a0.org.afilias-nst.info.
org    nameserver = a2.org.afilias-nst.info.

Authoritative answers can be found from:

>> Got NXDOMAIN. I were very suprised, learned that does not exist. Even
>> more suprising were fact, that it presented the result came from the
>> specified server.
> But the result should have been for "com.<your-default-suffix>."
> What happens when you configure the network connection with a default
> suffix of "."?
"nslookup -domain=. -type=ns com" works fine as well.

-- 
Petr Menšík
Software Engineer, RHEL
Red Hat,https://www.redhat.com/
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20230708/da4523dd/attachment-0001.html>

More information about the dns-operations mailing list