I am currently in the middle of trying to troubleshoot a DNS issue that seems to produce different results when using BIND and Microsoft DNS Servers. (This is also an open support incident with both my ISP and Microsoft Support.)

What I am hoping is that somebody might be able to help point me in the direction of an RFC or specification document that might explain the "PROPER" response.

I am not interested in any additional "workarounds", since I am already aware of a number of possible alternatives.

---

I am trying to be objective in my analysis. "Microsoft DNS" and "BIND" are both just different implementations of the agreed "Internet Standard for DNS" (which is presumably based on one or more RFC documents).

I do not want to state "This is Correct" or "This is Wrong" until I have had a chance to find the "official standard" that explains the "CORRECT" response.

What I am hoping to achieve is to find precise wording within the RFCs to narrow down whether this is "open to interpretation", or is a more serious "not fully implementing the open standard".

----

Many thanks to anyone who can help or provide any additional insight (such as any additional forums that I could approach with this question).

---------------------

The issue concerns:

* DNS Server (Microsoft or BIND or otherwise), running with an empty cache and operating using the standard root hints.
* Note: If forwarders ARE present, this just confuses the issue, because the "primary DNS lookup" is then actually performed by an upstream resolver.

The main DNS record in question is:

* mail.wilmot.me.uk

--

The records for the domain "wilmot.me.uk" are currently hosted on the following authoritative nameservers (servers owned by my ISP):

* primary-dns.co.uk internet address = 81.187.30.41
* secondary-dns.co.uk internet address = 81.187.81.32

---

Whichever DNS server (platform + OS + version) is used, it seems to come down to the following sequence of events:

The "local DNS Server" performs a query for "Type=A, data = mail.wilmot.me.uk".

It receives the following response from the ISP:

    Response Flags: 0x8403
    1... .... .... .... = Response: Message is a response
    .000 0... .... .... = Opcode: Standard query (0)
    .... .1.. .... .... = Authoritative: Server is an authority for domain
    .... ..0. .... .... = Truncated: Message is not truncated
    .... ...0 .... .... = Recursion desired: Don't do query recursively
    .... .... 0... .... = Recursion available: Server can't do recursive queries
    .... .... .0.. .... = Z: reserved (0)
    .... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server
    .... .... .... 0011 = Reply code: No such name (3)

    Answer:
    Type: CNAME (Canonical name for an alias)
    Primary name: wilmot.me.uk.mail.aaisp.net.uk

I have spoken to my ISP about this, who has confirmed that they are running BIND on their authoritative server, and as far as they are aware, they believe that is a valid reply.

Much appreciated if anyone else can also confirm if this is a VALID response.

---

The PROBLEM:

1 - BIND (and it would seem also "Win2008 Server R2") DNS servers would appear to look first at the "ANSWER" part of the response above. They then correctly (in my opinion) continue to look up the A record(s) for "wilmot.me.uk.mail.aaisp.net.uk" and then return a result.

2 - Win2003, Win2003 R2, Win2008 (all tested on x86 and x64) would appear to look first at the "RESPONSE FLAG" part of the response above. They then incorrectly (in my opinion) DO NOT perform any further action, and instead return the "Reply code: No such name" part of the response as a "Non-existent domain" response.

I have checked the results on a number of virtual machines.

---

I am aware that there are many possible workarounds that I could try, but I want to try and focus on the "solution" rather than just a "temporary workaround".

-----------------

Regards,
Steven Wilmot
Director
Data Utilities Ltd

_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
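
The response described in the post, rebuilt as wire-format bytes and parsed, as an added example that is not part of the original message: it decodes the 0x8403 flags word and reports when an RCODE of 3 arrives together with a CNAME in the answer section, which is the combination the two resolver families treat differently. The function names, the message ID and the TTL are assumptions made for the illustration; only the flags value and the two names come from the post.

```python
import struct

def encode_name(name):
    """Encode a dotted name as uncompressed wire-format labels."""
    return b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"

def read_name(msg, off, hops=0):
    """Decode the name at off, following compression pointers; return (name, next_off)."""
    labels = []
    while msg[off]:
        n = msg[off]
        if (n & 0xC0) == 0xC0:                     # pointer to an earlier name
            if hops > 16:
                raise ValueError("compression pointer loop")
            ptr = ((n & 0x3F) << 8) | msg[off + 1]
            rest = read_name(msg, ptr, hops + 1)[0]
            return ".".join(labels + [rest] if rest else labels).lower(), off + 2
        labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
        off += 1 + n
    return ".".join(labels).lower(), off + 1

def parse_response(msg):
    """Return header bits, RCODE, QNAME and the end of any CNAME chain in the answer."""
    _id, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    off, qname, cnames = 12, None, {}
    for _ in range(qd):
        qname, off = read_name(msg, off)
        off += 4                                   # skip QTYPE and QCLASS
    for _ in range(an):
        owner, off = read_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 5:                             # CNAME record
            cnames[owner] = read_name(msg, off)[0]
        off += rdlen
    tail = qname
    for _ in range(len(cnames)):                   # bounded walk along the alias chain
        tail = cnames.get(tail, tail)
    return {"qr": flags >> 15, "aa": flags >> 10 & 1, "rd": flags >> 8 & 1,
            "ra": flags >> 7 & 1, "rcode": flags & 0xF, "qname": qname,
            "chain_tail": tail, "nxdomain_with_cname": (flags & 0xF) == 3 and bool(cnames)}

def build_sample():
    """Constructed message matching the post: flags 0x8403 and one CNAME answer."""
    question = encode_name("mail.wilmot.me.uk") + struct.pack("!HH", 1, 1)
    target = encode_name("wilmot.me.uk.mail.aaisp.net.uk")
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 5, 1, 3600, len(target)) + target
    return struct.pack("!6H", 0x1234, 0x8403, 1, 1, 0, 0) + question + answer
```

Calling `parse_response(build_sample())` returns the decoded fields; `chain_tail` is the name a resolver that follows the alias would query next, and `nxdomain_with_cname` marks responses worth comparing across resolver versions.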