about AUTHORITY SECTION
shorttag at gmail.com
Fri Jul 8 01:32:38 UTC 2011
2011/7/8 Kevin Darcy <kcd at chrysler.com>:
> I think it's worth emphasizing that in the first case, the contents of the
> Authority Section were *mandatory* (see RFC 2308, Negative Caching), whereas
> in the second case the authoritative nameserver was *optionally* providing
> NS records in the Authority Section. It could have legally left the
> Authority Section completely empty, and in fact many load-balancers,
> pretending (to various degrees of competence) to be authoritative
> nameservers, will give responses that look like that.
In the second case I think the NS records should be there in the
Consider this case:
example.com. IN NS dns.example.com.
l2.example.com. IN NS dns.example.com.
l3.l2.example.com. IN NS dns.example.com.
When a query for example, dig l3.l2.example.com @dns.example.com, the
nameserver answser without the Authority Section, then the client
won't know the answer is in which authority zone.
More information about the bind-users