Different answer when querying @server from different clients
cathya at isc.org
Mon Mar 9 08:24:21 UTC 2015
On 08/03/2015 16:00, Steven Carr wrote:
> On 8 March 2015 at 13:50, Barry S. Finkel <bsfinkel at att.net> wrote:
>> Using "+trace" with "@18.104.22.168" ignores the "@22.214.171.124", as
>> that server is never queried when the query starts at the root
>> and moves down the DNS tree to authorized servers.
> Incorrect, specifying @126.96.36.199 means that dig +trace will use 188.8.131.52
> to find the root servers and then continue to query the authoritative
> nameservers directly for any subsequent queries.
What happens with dig +trace is subtle, and not always what you want.
It's a limitation of the dig tool not being a fully-featured recursive
server with a temporary working cache (for intermediate results).
Far better to run your own iterative a non-recursive digs if you really
want to see what's happening.
More information about the bind-users