non-autoritative answer

Barry Margolin barmar at genuity.net
Thu Apr 27 20:01:47 UTC 2000


In article <390855E4.9283172C at landis.nl>,
Tony Earnshaw  <tearnshaw at landis.nl> wrote:
>Jack Watts wrote:
>
>> When I query my server with NSLOOKUP I get "non-autoritative answer"
>for some sites,
>> when other non-autoritative servers for that domain do give me
>"non-autoritative answer" message.
>> Is this a misconfiguration?
>
>If you use dig instead of nslookup, you will always be given the extra
>info. on which nameserver(s) is (are) authoritative for that FQDN, in
>which case you'd never get that kind of an answer. 'man dig' will tell
>you very explicitely why you should be using dig - and not nslookup.
>host -a is even more explicit.

This is wrong.  The extra information is just the NS records for the
domain; whether those machines are actually authoritative for the domain
depends on whether the NS records are correct and the machines are properly
configured.  You can put anything you want in NS records and they'll show
up in that extra info; they don't have to have any relationship to reality.

And the answer with dig will still be either authoritative or
non-authoritative depending on whether you queried the authoritative server
for the domain or your local caching server.  This shows up in the "flags:"
section of the output -- if it contains "aa" then it's authoritative.

-- 
Barry Margolin, barmar at genuity.net
Genuity, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.



More information about the bind-users mailing list