dig query
Alan Clegg
aclegg at isc.org
Wed Jan 6 14:26:19 UTC 2010
Pamela Rock wrote:
> The following dig query
>
> dig gov +dnssec +noadflag @10.10.10.1
>
> produces the following flags in the header section:
>
> ;; flags: qr rd ra ad;
>
> Question - what is the relation with the +dnssec and +noadflag
> options in the query. I would think the query would produce a signed
> response with no ad bit in the header section. Why does ad show up
> when I specify +noadflag?
AD is set when authentication is successful by the server to whom you
are sending the query. The "+noadflag" says don't set the AD bit in the
outbound query (which is the default).
AlanC
More information about the bind-users
mailing list