RE: missing ‘additional section’

houguanghua houguanghua at hotmail.com
Thu Dec 19 03:11:53 UTC 2013


I'm soory. not DLG, but DLZ.
 
> Date: Thu, 19 Dec 2013 03:07:44 +0000
> Subject: Re: missing ‘additional section’
> From: sjcarr at gmail.com
> To: houguanghua at hotmail.com
> CC: bind-users at lists.isc.org
> 
> On 19 December 2013 00:48, houguanghua <houguanghua at hotmail.com> wrote:
> > If DLG isn't enabled (bind9+view + zone file , no DB is used), the
> > additional section is right.  Maybe it's a bug of Bind DLG.
> 
> What is DLG?
> 
> > What I wanted is as follows :
> > $ dig @10.3.103.177 www.ctyun.cn
> > ; <<>> DiG 9.6-ESV-R10-P1 <<>> @10.3.103.177 www.ctyun.cn
> >
> > ; (1 server found)
> > ;; global options: +cmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30600
> > ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2
> > ;; WARNING: recursion requested but not available
> > ;; QUESTION SECTION:
> > ;www.ctyun.cn.                  IN      A
> > ;; ANSWER SECTION:
> > www.ctyun.cn.           3600    IN      A       211.162.106.2
> > www.ctyun.cn.           3600    IN      A       211.162.106.1
> > ;; AUTHORITY SECTION:
> > ctyun.cn.               3600    IN      NS      ns1.ctyun.cn.
> > ctyun.cn.               3600    IN      NS      ns2.ctyun.cn.
> > ;; ADDITIONAL SECTION:
> > ns1.ctyun.cn.           3600    IN      A       211.16.106.251
> > ns2.ctyun.cn.           3600    IN      A       211.16.106.252
> >
> > ;; Query time: 137 msec
> > ;; SERVER: 10.3.103.177#53(10.3.103.177)
> > ;; WHEN: Thu Dec 19 08:43:58
> > ;; MSG SIZE  rcvd: 130
> 
> That might be what you want, but that's not what you asked for, you
> asked for the www.ctyun.cn A record. If you want the NS records
> explicitly ask for them. Additional is just that, it's additional
> data, if the name server that you have queried against has them in
> it's cache then it may/may not return them (depending on your config).
> My personal preference here is if you are an authoritative server then
> you should be returning only what was asked for (config option
> minimal-responses = yes), if you are a caching server then chuck
> everything back at the client that you have (minimal-responses = no,
> the options additional-from-cache and additional-from-auth should
> already be set to yes by default and bind will then decide when it's
> appropriate to send back additional data).
> 
> In your first dig, recursion was enabled, but it didn't need to do a
> recursive request as it is authoritative for the ctyun.cn zone. In
> your second dig, recursion is disabled, but it is still authoritative
> for the ctyun.cn zone so I'm not sure why it would return the
> additional records, it doesn't need to as it's simply additional data.
> 
> Without seeing the bind config it's difficult to diagnose from just a dig query.
> 
> Steve
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20131219/8ac31206/attachment.html>


More information about the bind-users mailing list