Are those extra/useless queries? (fwd)

Barry Margolin barmar at alum.mit.edu
Tue Mar 2 18:29:37 UTC 2004


In article <c22dj8$12v1$1 at sf1.isc.org>, Hao Shang <hao at cs.wpi.edu> 
wrote:

> 3) Canonical Name: In the Answer section, the first RR could be a
> canonical name followed by RRs giving resolutions for the canonical
> name. The strange thing is why it sends query again for the canonical
> name even the answers are already included before.
> 
> Is there an option to tune this behavior?
> 
> 4) NS RRs: In the Authoritative Nameservers section of a response,
> name server RRs for a zone are given. And resolutions for them are
> given in the Additional Section. But I observed sometimes (not
> always) Bind sends queries for those server names again even
> resolutions for them are attached before.
> 
> Is there any option to control this behavior?

I think both of these are attempts to avoid cache poisoning by 
non-authoritative servers.  So if the canonical name or NS record is not 
in the same zone as the name that was queried, the additional info 
cannot necessarily be trusted.  The server will ask the authoritative 
server for that zone, to ensure that it has the most reliable data.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA


More information about the bind-users mailing list