What will break: "Non-authoritative answer"

[Kevin Darcy]

Normal application-embedded resolvers shouldn't care about authoritative
versus non-authoritative, since they generally don't even know whether
they're talking to a caching server or not. The only thing that I could
imagine caring would be other nameservers. I believe BIND marks lame
servers and doesn't use them for a while (hoping that they'll get
better). If so, then conceivably if all of the servers for a particular
zone are lame, then BIND nameservers might become temporarily unable to
resolve *any* names in the zone. This would then affect
*all* applications trying to resolve those names. Other nameserver
implementations might treat lame servers similarly, with similar
results.

The most noticeable impact, however, is that if a master goes
non-authoritative, zone transfers break and therefore changes to the
zone won't propagate, thus creating data inconsistencies.


- Kevin

Farid Hamjavar wrote:

> You  all  ,I  am  sure,   have  come  across  the  situation
> where  due  some  reasons,  syntax error  in  named.conf  or
> some  other   configuration  errors  large  or   small,  got
> the  "Non-authoritative  answer"  from your  DNS  server  of
> the  domain   you  admin.  i.e.  you   looked  up  something
> and   got  the   correct  answer   alright,  but   you  also
> see   the  "Non-authoritative   answer"  message.   You  got
> "Non-authoritative  answer" on  a  lookup  of something  for
> which your DNS server is supposed to be authoritative!
>
> Considering  the explanation  above,  here  is my  question.
> When  in  an environment  that  provides  net services  like
> mail,web,ftp,etc,etc   what  services   suffer  and   become
> dysfunctional if name-server behave the way explained above?
>
> Has anyone compiled a list? e.g. Will MTA of various flavors
> (sendmail,qmail,etc)  become paralyzed  if name-server  they
> point to behave the way explained above?
>
> Thanks,
> Farid
> UNM