Behaviour of a recursive DNS server

yjchu yjchui at cht.com.tw
Wed Jun 11 01:42:21 UTC 2008 

Content-Type: text/plain;
	charset="big5"
Content-Transfer-Encoding: quoted-printable
I query the domain name "www.google.com.tw <http://www.google.com.tw/> =
",
and the query type is AAAA.

Actually, the DNS server I use is 168.95.1.1, which is the DNS server
provided by Hinet ISP in Taiwan.=20

=20

I try to attach the picture of sniffer result, if you can receive the =
html
mail:



=20

In the picture, the detail content of the first DNS reply is shown. This
first reply, which is very wired for me, contains nothing but only =
CNAME.

=20

Regards

Yann-Ju Chu

=20

-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On =
Behalf
Of JINMEI Tatuya / =AF=AB=A9=FA=B9F=ABv
Sent: Wednesday, June 11, 2008 2:38 AM
To: yjchu
Cc: bind-users at isc.org
Subject: Re: Behaviour of a recursive DNS server

=20

At Tue, 10 Jun 2008 14:30:08 +0800,

"yjchu" <yjchui at cht.com.tw> wrote:

=20

> I am trying IPv6 NAT-PT, so I wish my DNS server (my ISP DNS server) =
can
be

> purely recursive.

>=20

> So, I send a recursive query, and my DNS server does reply recursively =
but

> with strange behaviors described as following:

=20

> ----------------------

>=20

> Sometimes, the DNS server will have two replies for single one query.

>=20

> The first reply will only contain the CNAME but no A or AAAA record

> (address) information for the CNAME.

>=20

> Then, the second reply has all the information, including CNAME and =
A/AAAA

> record information.

=20

Can you provide specific domain names and query types that cause this

result?

=20

> I have tried to build up my own DNS server using Bind 9.2.1 and make =
it

> support recursive reply.

=20

I'm not sure if it's related to the issue, but I'd suggest you use a

more recent version.  9.2.1 is way too old and is basically not

supported any more.

=20

> I find that sometimes, the reply of my DNS server just contains CNAME
record

> for my query name, no further information. (No second reply with =
address

> information).

>=20

> However, from the sniffer, the recursive flag in DNS reply is set !!!!

=20

This may be a typo, but in case you really looked at the reply, you

should rather look at the recursive (RD) flag of the *query*.

=20

Finally, you cannot always assume that a response contains a complete

chain to the final answer.  You'll need to adapt your software (the

DNS client) so that it can handle an incomplete CNAME/DNAME chain

anyway.

=20

---

JINMEI, Tatuya

Internet Systems Consortium, Inc.

=20

More information about the bind-users mailing list