Well, the biggest mystery here, in my mind, is why are you getting an
actual *answer* (specifically, 5 records in the Answer Section, with
another 3 records associated with those answers in the Additional
Section) when you query recursively, but no answer when you query
non-recursively (?) Since the server is non-recursive, it's presumably
answering only from its own authoritative data, thus the response should
be the same, regardless of the setting of RD in the query.
The only solution to that mystery that comes to mind, offhand, is if you
have a "match-recursive-only" view defined in your config (do you?).
This would allow recursive and non-recursive queries to be answered from
totally different and unrelated datasets.
If that's true, and also, if your records/record-sets are large, then
everything else is explainable:
-- in the recursive-query case, the NS RRset that one would normally
expect to find in the Authority Section is missing, because it's too big
to fit. TC isn't set in this case, because that NS RRset is not
*required* for the response
-- in the non-recursive-query case, the SOA RR or NS RRset that is
*required* in the Authority Section, for a referral, or a "NODATA"
response, respectively (see RFC 2308), is missing because it's too big
to fit within the 512-byte limit. Since one or the other of these is a
*required* element of the response, TC is set to signal its absence.
Am I completely off-base? Anyone else who has a better theory, please
speak up.
If the mystery still remains unsolved, one thing to try is to perform
both the recursive and non-recursive queries, using TCP or with an
appropriately-sized EDNS0 buffer, and compare/contrast the responses
under those conditions.
Also, since this is a truncation issue, tracing with a tool that, at a
minimum, shows the packet sizes, would help to confirm or deny any
theories attempting to explain the behavior you're seeing.
- Kevin
Peter Andreev wrote:
Because there is nothing in server's logs.
While client sees following:
(query with no RD bit)
- Flags: Query, Opcode - QUERY (Standard query), Rcode - Success
QR: (0...............) Query
Opcode: (.0000...........) QUERY (Standard query) 0
AA: (.....0..........) Not authoritative
TC: (......0.........) Not truncated
RD: (.......0........) Recursion not desired <-
no recursion!
RA: (........0.......) Recursive query support not
available
Zero: (.........0......) 0
AuthenticatedData: (..........0.....) Not AuthenticatedData
CheckingDisabled: (...........0....) Not CheckingDisabled
Rcode: (............0000) Success 0
QuestionCount: 1 (0x1)
AnswerCount: 0 (0x0)
NameServerCount: 0 (0x0)
AdditionalCount: 0 (0x0)
(answer)
- Flags: Response, Opcode - QUERY (Standard query), AA, TC, Rcode -
Success
QR: (1...............) Response
Opcode: (.0000...........) QUERY (Standard query) 0
AA: (.....1..........) Is authoritative
TC: (......1.........) Message truncated <-
message is truncated!
RD: (.......0........) Recursion not desired
RA: (........0.......) Recursive query support not
available
Zero: (.........0......) 0
AuthenticatedData: (..........0.....) Not AuthenticatedData
CheckingDisabled: (...........0....) Not CheckingDisabled
Rcode: (............0000) Success 0
QuestionCount: 1 (0x1)
AnswerCount: 0 (0x0)
NameServerCount: 0 (0x0)
AdditionalCount: 0 (0x0)
(query with RD bit)
- Flags: Query, Opcode - QUERY (Standard query), RD, Rcode - Success
QR: (0...............) Query
Opcode: (.0000...........) QUERY (Standard query) 0
AA: (.....0..........) Not authoritative
TC: (......0.........) Not truncated
RD: (.......1........) Recursion desired <-
RD-flag set!
RA: (........0.......) Recursive query support not
available
Zero: (.........0......) 0
AuthenticatedData: (..........0.....) Not AuthenticatedData
CheckingDisabled: (...........0....) Not CheckingDisabled
Rcode: (............0000) Success 0
QuestionCount: 1 (0x1)
AnswerCount: 0 (0x0)
NameServerCount: 0 (0x0)
AdditionalCount: 0 (0x0)
(answer)
- Flags: Response, Opcode - QUERY (Standard query), AA, RD, Rcode -
Success
QR: (1...............) Response
Opcode: (.0000...........) QUERY (Standard query) 0
AA: (.....1..........) Is authoritative
TC: (......0.........) Not truncated <- TC-flag
not set
RD: (.......1........) Recursion desired
RA: (........0.......) Recursive query support not
available
Zero: (.........0......) 0
AuthenticatedData: (..........0.....) Not AuthenticatedData
CheckingDisabled: (...........0....) Not CheckingDisabled
Rcode: (............0000) Success 0
QuestionCount: 1 (0x1)
AnswerCount: 5 (0x5)
NameServerCount: 0 (0x0)
AdditionalCount: 3 (0x3)
I do not understand why so occurs.
Peter, why don't you post what you are seeing?
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
<mailto:ma...@isc.org>
------------------------------------------------------------------------
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
